QNAP NAS Remote Code Execution Vulnerability
RISK: Medium Risk
TYPE: Servers - Other Servers
A vulnerability has been identified in QNAP NAS, a remote user can exploit this vulnerability to trigger remote code execution on the targeted system.
- Remote Code Execution
System / Technologies affected
- QVR 5.1.5 build prior to 20210902
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor:
QVR 5.1.5 build 20210902 and later
- Log on to QVR as administrator.
- Go to Control Panel > System Settings > Firmware Update.
- Under Live Update, click Check for Update.
QVR downloads and installs the latest available update.
Tip: You can also download the update from the QNAP website. Go to Support > Download Center and then perform a manual update for your specific device.