Skip to main content

QNAP NAS Multiple Vulnerabilities

Release Date: 5 Jul 2021 5158 Views

RISK: Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Multiple vulnerabilities were identified in QNAP NAS, a remote attacker could exploit some of these vulnerabilities to trigger remote code execution and cross-site scripting on the targeted system.


Impact

  • Remote Code Execution
  • Cross-Site Scripting

System / Technologies affected

  • QuLog Center versions prior to 1.2.0
  • Q'center versions prior to 1.11.1004
  • QTS 4.5.1.1540 build prior to 20210107
  • QTS 4.5.2.1566 build prior to 20210202
  • QTS 4.5.3.1652 build prior to 20210428
  • QuTS hero h4.5.1.1582 build prior to 20210217
  • QuTS hero h4.5.2.1638 build prior to 20210414
  • QuTS hero h4.5.3.1670 build prior to 20210515
  • QuTScloud c4.5.5.1656 build prior to 20210503

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:


Vulnerability Identifier


Source


Related Link