QNAP Storage Devices Multiple Vulnerabilities
Last Update Date:
23 Mar 2017 10:23
Release Date:
23 Mar 2017
3273
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
![TYPE: Other Servers](/f/bulletin_type/100016/37p37/servers-other-servers.png)
Multiple vulnerabilities were identified in QNAP Storage Devices, which could allow a remote attacker to conduct click-jacking attacks, obtain potentially sensitive information, inject SQL commands, conduct cross-site scripting or execute arbitrary code on the target system.
Impact
- Cross-Site Scripting
- Remote Code Execution
- Information Disclosure
System / Technologies affected
- prior to version 4.2.4 Build 20170313
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to fixed version (QTS 4.2.4 Build 20170313).
Vulnerability Identifier
Source
Related Link
Share with