Security Alert (A23-02-02): Vulnerability in QNAP Products


 

Published on: 01 February 2023

  
  

Description:

QNAP has published a security advisory to address a vulnerability in QNAP QTS and QNAP QuTS hero. The details of the security updates can be found at:
https://www.qnap.com/en/security-advisory/QSA-23-01

 

Affected Systems:

  • QNAP NAS devices running QTS 5.0.1 operating system
  • QNAP NAS devices running QuTS hero h5.0.1 operating system

 

Impact:

Successful exploitation could lead to remote code execution on an affected system.

 

Recommendation:

Patches for affected products are available. System administrators of affected products should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://www.qnap.com/en/security-advisory/QSA-23-01
  • https://www.hkcert.org/security-bulletin/qnap-nas-remote-code-execution-vulnerability_20230131
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27596


Tag: QNAP , QTS , QuTS hero
Tags