Hackers exploit QNAP devices because they often have known vulnerabilities or misconfigurations that can be exploited for unauthorized access.
QNAP devices store valuable data, which makes them lucrative targets for threat actors seeking to:-.
NVR is a high-performance network surveillance solution for IP cameras and this high severity vulnerability poses risks to:-.
The authenticated attacker exploits the OS command injection via a POST request to the management interface with the help of this vulnerability.
The vulnerability leverages the device's default credentials in the current configuration.
Here below, we have mentioned all the affected versions of QNAP VioStor NVR firmware:-.
QNAP advises upgrading VioStor firmware on unsupported devices and changing default passwords.
A previously patched issue, undisclosed, was found during the InfectedSlurs campaign.
Confirming zero-day status was challenging due to unattributed exploits in the absence of device or manufacturer linkage.
SIRT identifies QNAP VioStor NVR devices as the target of the exploit.
Weak default credentials, coupled with OS command injection vulnerabilities in NTP settings, affect the following devices:-.
After collaboration with US-CERT and QNAP, confirmation is received that only retired VioStor versions are targeted through a POST request to /cgi-bin/server/server.
Cgi, exploiting a remote code execution vulnerability.
Default credentials and old network systems invite botnet infections.
Legacy systems are breeding grounds for new vulnerabilities, which highlights the need for better IoT practices.
For both consumers and manufacturers, awareness is important, and not only that even for system safety must have:-.
Here below, we have mentioned all the recommendations provided by the security analysts:-.
This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 18 Dec 2023 13:15:25 +0000