October 3, 2023

Qnap releases updates to address a critical vulnerability, tracked as CVE-2022-27596 with a CVSS v3 score: 9.8, that affects QNAP NAS devices.

A remote attacker can exploit the vulnerability to inject malicious code on QNAP NAS devices. This flaw can be exploited without user interaction or privileges on the vulnerable device.

The flaw is fixed in the following operating system versions.

  • QTS 5.0.1.2234 build 20221201 and later
  • QuTS hero h5.0.1.2248 build 20221215 and later

The company urges customers to apply security updates as soon as possible.

Below is the step-by-step procedure to update QTS or QuTS hero:

  1. Log in to QTS or QuTS hero as an administrator.
  2. Go to Control Panel > System > Firmware Update.
  3. Under Live Update, click Check for Update.
    QTS or QuTS hero downloads and installs the latest available update.

Users can also download the update from the QNAP website by going to Support > Download Center and then performing a manual update for their specific device.

Tags:

Leave a Reply

You may have missed

Industrial Control Systems and Vulnerability Management Process

October 2, 2023

McLaren Healthcare suffers a Ransomware Incident

October 2, 2023

TheCyberThrone CyberSecurity Newsletter Top 5 Articles – September, 2023

October 2, 2023

TheCyberThrone Security Week In Review – September 30, 2023

October 1, 2023

Mozilla fixes CVE-2023-5217 Vulnerability in its Products

September 30, 2023

CISA KEV Update Part III – September 2023

September 30, 2023
%d bloggers like this: