Security Alert (A23-10-07): Multiple Vulnerabilities in QNAP Products
09 October 2023
QNAP has published a security advisory to address multiple vulnerabilities in QNAP products. The details of security updates can be found at: https://www.qnap.com/en/security-advisory/QSA-23-37
QNAP NAS devices running QTS operating system versions prior to 22.214.171.1247 build 20230718, 126.96.36.1995 build 20230609, 188.8.131.524 build 20230629
QNAP NAS devices running QuTS hero operating system versions prior to h184.108.40.2066 build 20230728, h220.127.116.115 build 20230907, h18.104.22.1684 build 20230609
QNAP NAS devices running QuTScloud version prior to c22.214.171.1248
For detailed information of the affected products, please refer to the corresponding security advisory at vendor's website.
Successful exploitation of the vulnerabilities could lead to remote code execution on an affected system.
Patches for affected products are available. System administrators of affected products should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.