Security Alert (A24-01-04): Multiple Vulnerabilities in QNAP Products


 

Published on: 08 January 2024

     
Email to

Description:

QNAP has published security advisories to address multiple vulnerabilities in QNAP products. The list of security updates can be found at:
This link will open in a new windowhttps://www.qnap.com/en/security-advisory/QSA-23-22
This link will open in a new windowhttps://www.qnap.com/en/security-advisory/QSA-23-23
This link will open in a new windowhttps://www.qnap.com/en/security-advisory/QSA-23-27
This link will open in a new windowhttps://www.qnap.com/en/security-advisory/QSA-23-32
This link will open in a new windowhttps://www.qnap.com/en/security-advisory/QSA-23-34
This link will open in a new windowhttps://www.qnap.com/en/security-advisory/QSA-23-54
This link will open in a new windowhttps://www.qnap.com/en/security-advisory/QSA-23-55
This link will open in a new windowhttps://www.qnap.com/en/security-advisory/QSA-23-64

 

Affected Systems:

  • QNAP NAS devices running QTS operating system versions prior to 5.1.4.2596 build 20231128
  • QNAP NAS devices running QuTS hero operating system versions prior to h5.1.4.2596 build 20231128
  • QNAP NAS devices running QcalAgent versions prior to 1.1.8
  • QNAP NAS devices running QuMagie versions prior to 2.2.1
  • QNAP NAS devices running Video Station versions prior to 5.7.2 (2023/11/23)

For detailed information of the affected products, please refer to the corresponding security advisory at vendor's website.

 

Impact:

Successful exploitation of the vulnerabilities could lead to remote code execution or denial of service on an affected system.

 

Recommendation:

Patches for affected products are available. System administrators of affected products should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:



Tag: NAS , QTS , QuTS hero , QcalAgent , QuMagie , Video Station
Tags