QNAP has patched 3 vulnerabilities in its NAS devices, including authentication bypass.
Taiwan-based QNAP has released patches for three vulnerabilities in its NAS devices that allow attackers to gain access to the devices. The affected vulnerabilities are improper authentication (CVE-2024-21899), injection (CVE-2024-21900) and SQL injection (CVE-2024-21901).
Lists the versions affected by the vulnerabilities and the versions released by the Taiwanese manufacturer to fix them. Instructions are included for updating QTS, QuTS hero, QuTScloud, and myQNAPcloud.
Details can be found in the official announcement, as well as on the Twitter and Facebook pages of Pierluigi Paganini (SecurityAffairs - hacking, NAS).
Tags
Comment
Popular Posts
Subscribe to the newsletter from Hatamatata.ru!
Subscribe to the newsletter from Hatamatata.ru!
I agree to the processing of personal data and confidentiality rules of Hatamatata