Skip to main content

QNAP QTS Remote Code Execution Vulnerability

Last Update Date: 8 May 2017 10:34 Release Date: 8 May 2017 4052 Views

RISK: High Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

A vulnerability has been identified in QNAP Storage Devices running QTS, which can be exploited by remote attacker to execute arbitrary code or injected with XMR mining programs on the target system.


Impact

  • Remote Code Execution

System / Technologies affected

  • QNAP NAS devices

Solutions

  • Vulnerability has no patch available
  • The vendor has issued a Malware Remover application to detect and remove known XMR mining programs from the target system.

Vulnerability Identifier

  • No CVE information is available

Source


Related Link