Security Alert (A23-11-09): Vulnerability in QNAP Products
13 November 2023
QNAP has published a security advisory to address a vulnerability in QNAP products. The details of security updates can be found at: https://www.qnap.com/en/security-advisory/QSA-23-24
QNAP NAS devices running QTS operating system versions prior to 126.96.36.1996 build 20230421
QNAP NAS devices running QuTS hero operating system versions prior to h188.8.131.526 build 20230421
QNAP NAS devices running QuTScloud version prior to c184.108.40.2068
For detailed information of the affected products, please refer to the corresponding security advisory at vendor's website.
Successful exploitation of the vulnerability could lead to arbitrary command injection on an affected system.
Patches for affected products are available. System administrators of affected products should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.