An injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
qnap qts 5.1.3.2578 |
||
qnap quts hero h5.1.3.2578 |
||
qnap qts |
||
qnap quts hero |
||
qnap qutscloud |
QNAP warns of critical auth bypass flaw in its NAS devices By Bill Toulas March 8, 2024 03:03 PM 0 QNAP warns of vulnerabilities in its NAS software products, including QTS, QuTS hero, QuTScloud, and myQNAPcloud, that could allow attackers to access devices. The Taiwanese Network Attached Storage (NAS) device maker disclosed three vulnerabilities that can lead to an authentication bypass, command injection, and SQL injection. While the last two require the attackers to be authenticated...
Vulmon