QNAP NAS Remote Code Execution Vulnerabilities

Release Date: 14 Feb 2024 2680 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Multiple vulnerabilities were identified in QNAP NAS. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution on the targeted system.

Impact

  • Remote Code Execution

System / Technologies affected

  • QTS version prior to 5.1.0.2444 build 20230629
  • QTS version prior to 5.0.1.2145 build 20220903
  • QTS version prior to 5.0.0.1986 build 20220324
  • QTS version prior to 4.5.4.2012 build 20220419
  • QTS version prior to 4.3.6.2665 build 20240131
  • QTS version prior to 4.3.4.2675 build 20240131
  • QTS version prior to 4.3.3.2644 build 20240131
  • QTS version prior to 4.2.6 build 20240131
  • QuTS hero version prior to h5.1.0.2466 build 20230721
  • QuTS hero version prior to h5.0.1.2192 build 20221020
  • QuTS hero version prior to h5.0.0.1986 build 20220324
  • QuTS hero version prior to h4.5.4.1991 build 20220330

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Related Link

Related Tags

QNAPRemote Code Execution

Share with

Previous

Zoom Products Multiple Vulnerabilities

14 Feb 2024 2920 Views

Next

Node.js Multiple Vulnerabilities

15 Feb 2024 2997 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY