Owners of a NAS from QNAP are advised to be extremely careful. The expert for network solutions has now made it public that a critical security vulnerability has been discovered. This could allow criminals to inject malicious codes. Models that rely on the QTS-hero or QuTS-hero operating system are probably affected. However, corresponding updates should quickly fix the problem.
QNAP plays out security update
Networking expert QNAP has once again taken flight and urged users of its NAS to install the latest firmware. The reason for this is a security vulnerability that opens the door to critical attacks. All those whose QNAP device is based on QTS- or QuTS-hero should now install the latest update as soon as possible. This will prevent the injection of malicious code, which is currently still enabled by the vulnerability. In its announcement, the company expresses itself briefly and concisely. For example, details about the security leak are missing. However, the mere fact that the manufacturer classifies the threat as critical should urgently encourage owners of one of the affected devices to take action.
- Also interesting: QNAP TS-464-4G review – QNAP’s new 4-bay NAS
All that can be gleaned from the report is that insufficient filtering is likely to be the cause of the security flaw. While we would like to know the exact cause behind the vulnerability, we can of course completely understand the behavior of the network expert. After all, it would be fatal if the company were to reveal too much information now. It’s possible that criminals could then hunt down QNAP NASes that don’t yet have the latest firmware installed, with the appropriate vulnerability in tow.
- Have you read this? QNAP TS-1655: New high-capacity hybrid storage with 2.5GbE and 8-core Intel CPU
Upgrade is no alternative
In order for owners of a NAS from QNAP to protect themselves from nasty consequences of the security vulnerability, the installation of the latest firmware is inevitable. These are QTS 5.0.1.2234 build 20221201 and QuTS hero h5.0.1.2248 build 20221215, which should effectively close the security hole. You can find the appropriate version for your model on the official website of QNAP.
No replies yet
Neue Antworten laden...
Gehört zum Inventar
Beteilige dich an der Diskussion in der Basic Tutorials Community →