QNAP Storage Devices Remote Users Access Vulnerability

Last Update Date: 23 Jan 2017 10:17 Release Date: 23 Jan 2017 4172 Views

RISK: High Risk

High Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

A vulnerability was identified in QNAP Storage Devices, a remote user can gain access to the target system.

Impact

  • Security Restriction Bypass

System / Technologies affected

  • All QNAP NAS running QTS

Solutions

  • No solution was available at the time of this vulnerability

 

Workaround

Users can choose to disable automatic updates and avoid clicking the "Check for Update" button on the Live Update tab. Instead, QNAP recommends performing a manual update instead from the Firmware Update tab.

 

Disabling Live Update

  1. Log on as administrator to the QTS web console.
  2. Go to "Control Panel" > "Firmware Update" > "Live Update".
  3. Deselect "Automatically check if a newer version is available when logging into the NAS web administration interface".
  4. Click "Apply".

Vulnerability Identifier

  • No CVE information is available

Source

Related Link

Share with

Previous

Cisco WebEx Meetings Server Multiple vulnerabilities

20 Jan 2017 4170 Views

Next

Mozilla Firefox Multiple Vulnerabilities

25 Jan 2017 4214 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY