![]() Network-attached pwnageĪ command injection vulnerability (CVE-2020-2509) in QNAP NAS operating systems QTS and QuTS Hero is exploitable via the web server, and is addressed in various QTS versions and builds, plus QuTS Hero h4. ![]() Sold for home and commercial use through subsidiaries in 28 countries, QNAP’s NAS devices are used for file sharing, virtualization, storage management, and surveillance applications. The flaws, which were among a raft of serious bugs addressed by the Taiwanese hardware vendor last week, can both lead to remote code execution (RCE), according to a blog post published on March 31 by security researcher Yaniv Puyeski of SAM Seamless Network. UPDATED QNAP Systems has patched a pair of critical security vulnerabilities that could allow unauthenticated attackers to take control of its network-attached storage (NAS) devices. Taiwanese vendor also issues mitigations for quartet of other serious flaws ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |