30k Internet-Exposed QNAP NAS Devices Affected by Recent Vulnerability

Attack surface management firm Censys has identified roughly 30,000 internet-exposed QNAP network-attached storage appliances that are likely affected by a recently disclosed critical-severity code injection vulnerability. Tracked as CVE-2022-27596, the security defect is described as an SQL injection bug that allows remote attackers to inject malicious code into vulnerable NAS devices. The issue impacts all devices that run QTS 5.0.1 and QuTS hero h5.0.1, and Censys says that nearly 30,000 devices running a vulnerable software version can be found on the internet. The number of affected devices could be much higher, the company warns. Censys has identified over 67,000 hosts that run QNAP software, but it could not retrieve the version information for 37,000 of them. Most of the identified vulnerable hosts are in Italy and the US. Taiwan, Germany, and Japan round up the top five list. "If the exploit is published and weaponized, it could spell trouble to thousands of QNAP users. Everyone must upgrade their QNAP devices immediately to be safe from future ransomware campaigns," Censys notes. QNAP appliances are known to be a target for cybercriminals, and the recent Deadbolt ransomware attacks are proof of that. At its peak, the threat had infected over 20,000 devices, allowing cybercriminals to steal roughly $200,000 from victims. "While there are no indications that bad actors are using this new exploit, the threat is definitely on the horizon," Censys underlines. QNAP has patched the vulnerability with the release of QTS 5.0.1.2234 build 20221201 and QuTS hero h5.0.1.2248 build 20221215. Users are advised to update their devices as soon as possible and to make sure that they are not accessible directly from the internet.

This Cyber News was published on www.securityweek.com. Publication date: Wed, 01 Feb 2023 12:46:03 +0000


Cyber News related to 30k Internet-Exposed QNAP NAS Devices Affected by Recent Vulnerability

Over 29,000 QNAP devices vulnerable to code injection attacks - Tens of thousands of QNAP network-attached storage devices are waiting to be patched against a critical security flaw addressed by the Taiwanese company on Monday. Remote threat actors can exploit this SQL injection vulnerability to inject malicious ...
1 year ago Bleepingcomputer.com
QNAP takes down server behind widespread brute-force attacks - QNAP took down a malicious server used in widespread brute-force attacks targeting Internet-exposed NAS devices with weak passwords. The Taiwanese hardware vendor detected the attacks on the evening of October 14 and, with assistance from Digital ...
10 months ago Bleepingcomputer.com
30k Internet-Exposed QNAP NAS Devices Affected by Recent Vulnerability - Attack surface management firm Censys has identified roughly 30,000 internet-exposed QNAP network-attached storage appliances that are likely affected by a recently disclosed critical-severity code injection vulnerability. Tracked as CVE-2022-27596, ...
1 year ago Securityweek.com
QNAP Devices Unpatched Against Critical Flaw: Over 29,000 Vulnerable - Tens of thousands of QNAP network-attached storage devices are exposed online and unpatched against a critical security flaw. Remote threat actors can exploit this SQL injection vulnerability to inject malicious code in attacks targeting ...
1 year ago Bleepingcomputer.com
QNAP Patches Critical Security Vulnerability that Allows Remote Code Injection - QNAP is warning customers to install QTS and QuTS firmware updates that fix a critical security vulnerability that potentially allows remote attackers to inject malicious code on QNAP NAS devices. This vulnerability is tracked as CVE-2022-27596 and ...
1 year ago Bleepingcomputer.com
QNAP Alerts of a Vulnerability that Could Lead to Deadbolt Ransomware Attacks - QNAP, a data-storage hardware vendor, has issued a warning to customers to update their devices due to the discovery of a vulnerability that could leave thousands exposed to attacks. The vulnerability, known as CVE-2022-27596, affects QNAP devices ...
1 year ago Therecord.media
QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products - Taiwan-based QNAP Systems on Friday announced patches for a dozen vulnerabilities across its product portfolio, including high-severity flaws in its operating system. The bug affects QTS versions 5.1.x and QuTS hero versions h5.1.x and was resolved ...
9 months ago Securityweek.com
CVE-2021-41769 - A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions < ...
2 years ago
CVE-2020-2501 - A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the ...
3 years ago
CVE-2021-28797 - A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the ...
3 years ago
Zyxel warns of multiple critical vulnerabilities in NAS devices - Zyxel has addressed multiple security issues, including three critical ones that could allow an unauthenticated attacker to execute operating system commands on vulnerable network-attached storage devices. Zyxel NAS systems are used for storing data ...
10 months ago Bleepingcomputer.com
Hackers Actively Exploiting Vulnerability to Deploy Mirai Malware - Hackers exploit QNAP devices because they often have known vulnerabilities or misconfigurations that can be exploited for unauthorized access. QNAP devices store valuable data, which makes them lucrative targets for threat actors seeking to:-. NVR is ...
9 months ago Cybersecuritynews.com
Over 90,000 LG Smart TVs may be exposed to remote attacks - Security researchers at Bitdefender have discovered four vulnerabilities impacting multiple versions of WebOS, the operating system used in LG smart TVs. The flaws enable varying degrees of unauthorized access and control over affected models, ...
6 months ago Bleepingcomputer.com
Multiple QNAP Severity Flaw Let Attackers Execute Remote Code - QNAP has released multiple security advisories for addressing several high, medium, and low-severity vulnerabilities in multiple products, including QTS, QuTS hero, Netatalk, Video Station, QuMagie, and QcalAgent. QNAP has also stated all the ...
9 months ago Gbhackers.com
QNAP Releases Security Updates to Address Critical Vulnerability in NAS Devices - Taiwanese company QNAP has released updates to remediate a critical security flaw affecting its network-attached storage (NAS) devices. Tracked as CVE-2022-27596, the vulnerability has been rated 9.8 out of a maximum of 10 on the CVSS scoring scale. ...
1 year ago Thehackernews.com
Over 40,000 Cisco IOS XE devices infected with backdoor using zero-day - More than 40,000 Cisco devices running the IOS XE operating system have been compromised after hackers exploited a recently disclosed maximum severity vulnerability tracked as CVE-2023-20198. There is no patch or a workaround available and the only ...
10 months ago Bleepingcomputer.com
CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild - The US cybersecurity agency CISA on Thursday released industrial control system advisories for vulnerabilities affecting Future X Communications routers and QNAP network video recorder devices, and warned organizations that they have been exploited ...
9 months ago Securityweek.com
Claroty Team82: 63% of Known Exploited Vulnerabilities Tracked by CISA Are on Healthcare Organization Networks - PRESS RELEASE. NEW YORK and ORLANDO, Fla., March 12, 2024/PRNewswire/ -Claroty, the cyber-physical systems protection company, released today at the annual HIMSS24 conference a new report that uncovered concerning data about the security of medical ...
6 months ago Darkreading.com
CVE-2021-28806 - A DOM-based XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to inject malicious code. This issue affects: QNAP Systems Inc. QTS versions prior to 4.5.3.1652 Build ...
3 years ago
CVE-2021-28800 - A command injection vulnerability has been reported to affect QNAP NAS running legacy versions of QTS. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. This issue affects: QNAP Systems Inc. ...
3 years ago
Why BYOD Is the Favored Ransomware Backdoor - These devices exist outside of direct corporate management and provide a ransomware gang with unchecked platforms for encrypting data. Microsoft's fourth annual Digital Defense Report for 2023 reveals that 80% of all ransomware compromises come from ...
9 months ago Esecurityplanet.com
IoT Security for Business: Safeguarding Connected Devices - In this discussion, we will explore the significance of IoT security for businesses and effective strategies for safeguarding connected devices. With the increasing number of connected devices in business environments, the need for effective IoT ...
8 months ago Securityzap.com
Access to Internet Infrastructure is Essential, in Wartime and Peacetime - We've been saying it for 20 years, and it remains true now more than ever: the internet is an essential service. It enables people to build and create communities, shed light on injustices, and acquire vital knowledge that might not otherwise be ...
7 months ago Eff.org
Android game dev's Google Drive misconfig highlights cloud security risks - Japanese game developer Ateam has proven that a simple Google Drive configuration mistake can result in the potential but unlikely exposure of sensitive information for nearly one million people over a period of six years and eight months. The ...
9 months ago Bleepingcomputer.com
QNAP NAS Security Flaw Allows Remote Attackers to Inject Malicious Code - QNAP has released updates for its network-attached storage systems to address a critical security vulnerability that could allow remote attackers to inject malicious code. Customers of QNAP are being advised to update their QTS and QuTS hero firmware ...
1 year ago Cybersecuritynews.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)