QNAP has released security updates to address two critical security flaws affecting its operating system that could result in arbitrary code execution.
Tracked as CVE-2023-23368 (CVSS score: 9.8), the vulnerability is described as a command injection bug affecting QTS, QuTS hero, and QuTScloud.
"If exploited, the vulnerability could allow remote attackers to execute commands via a network," the company said in an advisory published over the weekend.
The shortcoming affects the versions below –
- QTS 5.0.x (Fixed in QTS 5.0.1.2376 build 20230421 and later)
- QTS 4.5.x (Fixed in QTS 4.5.4.2374 build 20230416 and later)
- QuTS hero h5.0.x (Fixed in QuTS hero h5.0.1.2376 build 20230421 and later)
- QuTS hero h4.5.x (Fixed in QuTS hero h4.5.4.2374 build 20230417 and later)
- QuTScloud c5.0.x (Fixed in QuTScloud c5.0.1.2374 and later)
Also fixed by QNAP is another command injection flaw in QTS, Multimedia Console, and Media Streaming add-on (CVE-2023-23369, CVSS score: 9.0) that could allow remote attackers to execute commands via a network.
The following versions of the software are impacted –
- QTS 5.1.x (Fixed in QTS 5.1.0.2399 build 20230515 and later)
- QTS 4.3.6 (Fixed in QTS 4.3.6.2441 build 20230621 and later)
- QTS 4.3.4 (Fixed in QTS 4.3.4.2451 build 20230621 and later)
- QTS 4.3.3 (Fixed in QTS 4.3.3.2420 build 20230621 and later)
- QTS 4.2.x (Fixed in QTS 4.2.6 build 20230621 and later)
- Multimedia Console 2.1.x (Fixed in Multimedia Console 2.1.2 (2023/05/04) and later)
- Multimedia Console 1.4.x (Fixed in Multimedia Console 1.4.8 (2023/05/05) and later)
- Media Streaming add-on 500.1.x (Fixed in Media Streaming add-on 500.1.1.2 (2023/06/12) and later)
- Media Streaming add-on 500.0.x (Fixed in Media Streaming add-on 500.0.0.11 (2023/06/16) and later)
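As an added example (not QNAP's code or part of the advisory), the fixed builds listed above can be encoded so an inventory script flags installed components that are still below the fixed build for either CVE. The product names, the "version build YYYYMMDD" string format, and the installed versions checked are assumptions; the Multimedia Console and Media Streaming release dates are used in place of a build number.

```python
"""Added example (not QNAP's code): flag components still below the advisory's
fixed builds. Fixed versions come from the advisory; installed ones are constructed."""
import re
from typing import List, Tuple
# (product, affected branch, fixed version, fixed build number or release date)
FIXED = {
    "CVE-2023-23368": [
        ("QTS", "5.0", "5.0.1.2376", 20230421),
        ("QTS", "4.5", "4.5.4.2374", 20230416),
        ("QuTS hero", "h5.0", "h5.0.1.2376", 20230421),
        ("QuTS hero", "h4.5", "h4.5.4.2374", 20230417),
        ("QuTScloud", "c5.0", "c5.0.1.2374", None),  # advisory gives no build date
    ],
    "CVE-2023-23369": [
        ("QTS", "5.1", "5.1.0.2399", 20230515),
        ("QTS", "4.3.6", "4.3.6.2441", 20230621),
        ("QTS", "4.3.4", "4.3.4.2451", 20230621),
        ("QTS", "4.3.3", "4.3.3.2420", 20230621),
        ("QTS", "4.2", "4.2.6", 20230621),
        ("Multimedia Console", "2.1", "2.1.2", 20230504),  # release date as build
        ("Multimedia Console", "1.4", "1.4.8", 20230505),
        ("Media Streaming add-on", "500.1", "500.1.1.2", 20230612),
        ("Media Streaming add-on", "500.0", "500.0.0.11", 20230616),
    ],
}
# e.g. "h5.0.1.2376 build 20230421"; the h/c letter is dropped (product carries it)
VERSION_RE = re.compile(r"^[hc]?(\d+(?:\.\d+)*)(?:\s+build\s+(\d{8}))?$")

def parse(version: str) -> Tuple[Tuple[int, ...], int]:
    """Return (numeric version tuple, build date); missing build date -> 0."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised QNAP version string: {version!r}")
    return tuple(int(p) for p in m.group(1).split(".")), int(m.group(2) or 0)

def unpatched_cves(product: str, installed: str) -> List[str]:
    """CVEs from the advisory that the installed build is still exposed to.
    Branches the advisory does not list are treated as not affected."""
    ver, build = parse(installed)
    exposed = []
    for cve, rows in FIXED.items():
        for prod, branch, fixed_ver, fixed_build in rows:
            branch_t = parse(branch)[0]
            if prod != product or ver[:len(branch_t)] != branch_t:
                continue
            # Older version, or same version with an older build, is unpatched
            if (ver, build) < (parse(fixed_ver)[0], fixed_build or 0):
                exposed.append(cve)
    return exposed
```

A bare version string without a build date compares as build 0, so a component reporting exactly the fixed version but no build date is flagged conservatively.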
With QNAP devices exploited for ransomware attacks in the past, users running one of the aforementioned versions are urged to update to the latest version to mitigate potential threats.
The development comes weeks after the Taiwanese company disclosed it took down a malicious server used in widespread brute-force attacks targeting internet-exposed network-attached storage (NAS) devices with weak passwords.