Property Abroad
Blog
QNAP has patched 3 vulnerabilities in its NAS devices, including authentication bypass.

QNAP has patched 3 vulnerabilities in its NAS devices, including authentication bypass.

QNAP has patched 3 vulnerabilities in its NAS devices, including authentication bypass.

Taiwan-based QNAP has released patches for three vulnerabilities in its NAS devices that allow attackers to gain access to the devices. The affected vulnerabilities are improper authentication (CVE-2024-21899), injection (CVE-2024-21900) and SQL injection (CVE-2024-21901).

Recommended News
Recommended real estate
The most serious of these is the CVE-2024-21899 vulnerability with a CVSS score of 9.8, which can be exploited by a remote unauthorized attacker.

Lists the versions affected by the vulnerabilities and the versions released by the Taiwanese manufacturer to fix them. Instructions are included for updating QTS, QuTS hero, QuTScloud, and myQNAPcloud.

Details can be found in the official announcement, as well as on the Twitter and Facebook pages of Pierluigi Paganini (SecurityAffairs - hacking, NAS).

Tags

Comment

Popular Posts

Subscribe to the newsletter from Hatamatata.ru!

I agree to the processing of personal data and confidentiality rules of Hatamatata