Multiple QNAP Severity Flaw Let Attackers Execute Remote Code

QNAP has released multiple security advisories for addressing several high, medium, and low-severity vulnerabilities in multiple products, including QTS, QuTS hero, Netatalk, Video Station, QuMagie, and QcalAgent.
QNAP has also stated all the affected products and their versions and the steps to update each product.
Exploiting this vulnerability could allow authenticated administrators to execute code through a network.
Compounding the problem are zero-day vulnerabilities like the MOVEit SQLi, Zimbra XSS, and 300+ such vulnerabilities that get discovered each month.
The severity of this set of vulnerabilities has been given as low, according to the QNAP security advisory.
CVE-2023-39294 and CVE-2023-39296 were given medium and high severity as per the security advisories.
CVE-2023-39294 was associated with OS command injection, which could allow authenticated administrators to execute commands through a network.
CVE-2023-47219 was a low-severity vulnerability associated with SQL injection that could allow an authenticated threat actor to inject malicious code via a network.
CVE-2023-47559 and CVE-2023-47560 were a set of high-severity vulnerabilities linked to Cross-site scripting and OS command injection, respectively.
Both of these vulnerabilities require the threat actor to be an authenticated user.
Exploiting these vulnerabilities could result in either the injection of malicious code or the execution of commands through a network.
CVE-2023-41287 and CVE-2023-41288 were another set of vulnerabilities reported on a QNAP security advisory.
CVE-2023-41287 was an SQL injection vulnerability, and CVE-2023-41288 was an OS command injection vulnerability.
These vulnerabilities were marked as high severity by QNAP. However, both vulnerabilities affect Video Station version 5.7.x and have been fixed in Video Station 5.7.2 and later versions.
The Netatalk vulnerability has been given the CVE-2022-43634, and its severity is high.
QNAP has not released any other details about this vulnerability or its category.
According to the security advisory, this vulnerability affects the QTS 5.1.x version and has been fixed in QTS 5.1.3.2578 build 20231110 and later.
CVE-2023-41289 was another OS command injection vulnerability reported to be affecting QcalAgent.
This vulnerability was given as a medium severity in the security advisory and mentioned to be affecting QcalAgent 1.1.x. All of the affected products have been fixed, and patches have been released.
It is recommended for organizations that use these products to upgrade to the latest versions to prevent becoming prey for threat actors.

This Cyber News was published on gbhackers.com. Publication date: Tue, 09 Jan 2024 11:43:10 +0000

Cyber News related to Multiple QNAP Severity Flaw Let Attackers Execute Remote Code

Multiple QNAP Severity Flaw Let Attackers Execute Remote Code - QNAP has released multiple security advisories for addressing several high, medium, and low-severity vulnerabilities in multiple products, including QTS, QuTS hero, Netatalk, Video Station, QuMagie, and QcalAgent. QNAP has also stated all the ...
1 year ago Gbhackers.com

Over 29,000 QNAP devices vulnerable to code injection attacks - Tens of thousands of QNAP network-attached storage devices are waiting to be patched against a critical security flaw addressed by the Taiwanese company on Monday. Remote threat actors can exploit this SQL injection vulnerability to inject malicious ...
2 years ago Bleepingcomputer.com

QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products - Taiwan-based QNAP Systems on Friday announced patches for a dozen vulnerabilities across its product portfolio, including high-severity flaws in its operating system. The bug affects QTS versions 5.1.x and QuTS hero versions h5.1.x and was resolved ...
1 year ago Securityweek.com

QNAP takes down server behind widespread brute-force attacks - QNAP took down a malicious server used in widespread brute-force attacks targeting Internet-exposed NAS devices with weak passwords. The Taiwanese hardware vendor detected the attacks on the evening of October 14 and, with assistance from Digital ...
1 year ago Bleepingcomputer.com

QNAP Patches Critical Security Vulnerability that Allows Remote Code Injection - QNAP is warning customers to install QTS and QuTS firmware updates that fix a critical security vulnerability that potentially allows remote attackers to inject malicious code on QNAP NAS devices. This vulnerability is tracked as CVE-2022-27596 and ...
2 years ago Bleepingcomputer.com

30k Internet-Exposed QNAP NAS Devices Affected by Recent Vulnerability - Attack surface management firm Censys has identified roughly 30,000 internet-exposed QNAP network-attached storage appliances that are likely affected by a recently disclosed critical-severity code injection vulnerability. Tracked as CVE-2022-27596, ...
2 years ago Securityweek.com

QNAP Devices Unpatched Against Critical Flaw: Over 29,000 Vulnerable - Tens of thousands of QNAP network-attached storage devices are exposed online and unpatched against a critical security flaw. Remote threat actors can exploit this SQL injection vulnerability to inject malicious code in attacks targeting ...
2 years ago Bleepingcomputer.com

10 of the biggest zero-day attacks of 2023 - Here are 10 of the biggest zero-day attacks of 2023 in chronological order. Zero-day attacks started strong in 2023 with CVE-2023-0669, a pre-authentication command injection vulnerability in Fortra's GoAnywhere managed file transfer product. ...
1 year ago Techtarget.com

Zoom Mobile & Desktop App Flaw Let Attackers Escalate Privileges - The popular video conferencing software Zoom has security issues with its desktop and mobile apps that could allow for privilege escalation. An attacker may be able to obtain elevated privileges within the application or the operating system by ...
1 year ago Cybersecuritynews.com

Zoom stomps critical privilege escalation bug, 6 other flaws The Register - Review and manage your consent Here's an overview of our use of cookies, similar technologies and how to manage them. Video conferencing giant Zoom today opened up about a fresh batch of security vulnerabilities affecting its products, including a ...
1 year ago Go.theregister.com

Critical unauthenticated RCE flaw in OpenSSH server - MUST READ. Critical unauthenticated remote code execution flaw in OpenSSH server. Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities ...
7 months ago Securityaffairs.com

CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild - The US cybersecurity agency CISA on Thursday released industrial control system advisories for vulnerabilities affecting Future X Communications routers and QNAP network video recorder devices, and warned organizations that they have been exploited ...
1 year ago Securityweek.com

QNAP Alerts of a Vulnerability that Could Lead to Deadbolt Ransomware Attacks - QNAP, a data-storage hardware vendor, has issued a warning to customers to update their devices due to the discovery of a vulnerability that could leave thousands exposed to attacks. The vulnerability, known as CVE-2022-27596, affects QNAP devices ...
2 years ago Therecord.media

High-severity flaw affects Cisco Firepower Management Center - CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Hackers ...
8 months ago Securityaffairs.com

Critical Apache Log4j2 flaw still threatens global finance - Critical Apache Log4j2 flaw still threatens global finance. CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. Russia-linked APT28 used post-compromise ...
8 months ago Securityaffairs.com

Hackers Actively Exploiting Vulnerability to Deploy Mirai Malware - Hackers exploit QNAP devices because they often have known vulnerabilities or misconfigurations that can be exploited for unauthorized access. QNAP devices store valuable data, which makes them lucrative targets for threat actors seeking to:-. NVR is ...
1 year ago Cybersecuritynews.com

Juniper Networks fixed a critical authentication bypass flaw in some of its routers - MUST READ. Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities catalog. Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 ...
7 months ago Securityaffairs.com

Patch Now: Attackers Pummel Critical, Easy-to-Exploit OwnCloud Flaw - Hackers are actively exploiting a critical flaw in the open source ownCloud platform that allows access to access admin passwords, mail server credentials, and license keys, exposing their enterprise to data breaches or other types of malicious ...
1 year ago Darkreading.com

QNAP VioStor NVR vulnerability actively exploited by malware botnet - A Mirai-based botnet named 'InfectedSlurs' is exploiting a remote code execution vulnerability in QNAP VioStor NVR devices to hijack and make them part of its DDoS swarm. The botnet was discovered by Akamai's Security Intelligence Response Team in ...
1 year ago Bleepingcomputer.com

Threat actors actively exploit D-Link DIR-859 router flaw - MUST READ. Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities ...
7 months ago Securityaffairs.com

QNAP NAS Security Flaw Allows Remote Attackers to Inject Malicious Code - QNAP has released updates for its network-attached storage systems to address a critical security vulnerability that could allow remote attackers to inject malicious code. Customers of QNAP are being advised to update their QTS and QuTS hero firmware ...
2 years ago Cybersecuritynews.com

Multiple Flaws in Dell PowerProtect Products Execute Commands - Multiple vulnerabilities have been discovered in Dell's PowerProtect, which were associated with SQL injection, cross-site scripting, privilege escalation, command injection, and path tracing. The severity for these vulnerabilities ranges between 4.3 ...
1 year ago Cybersecuritynews.com

CVE-2021-28800 - A command injection vulnerability has been reported to affect QNAP NAS running legacy versions of QTS. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. This issue affects: QNAP Systems Inc. ...
3 years ago

Latest Cyber News

Feds fine Warby Parker $1.5 million for failing to protect customer health data | The Record from Recorded Future News - 24 minutes ago
Hacker steals record $1.46 billion from Bybit ETH cold wallet - 1 hour ago
Hacker steals over $1.46 billion of crypto from Bybit ETH cold wallet - 1 hour ago
China Claim That NSA Allegedly Hacked Northwestern Polytechnical University - 1 hour ago
CISA flags Craft CMS code injection flaw as exploited in attacks - 2 hours ago
ACRStealer Malware Exploiting Google Docs as C2 To Steal Login Credentials - 2 hours ago
Apple pulls iCloud end-to-end encryption feature in the UK - 2 hours ago
Darcula 3.0 Tool Automatically Generates Phishing Kit For Any Brand - 2 hours ago
Ukrainian hackers claim breach of Russian loan company linked to Putin’s ex-wife | The Record from Recorded Future News - 3 hours ago
Black Basta is latest ransomware group to be hit by leak of chat logs | The Record from Recorded Future News - 5 hours ago
CISA Releases 7 ICS Advisories Detailing Vulnerabilities & Exploits - 10 hours ago
Pegasus Spyware Used Widely to Target Individuals in Private Industry & Finance Sectors - 11 hours ago
SPAWNCHIMERA Malware Exploiting Ivanti Buffer Overflow Vulnerability By Applying A Fix - Cyber Security News - 11 hours ago
Chinese Hackers Using New Bookworm Malware In Attacks Targeting Southeast Asia - 12 hours ago
Google Released PoC Exploit for Palo Alto Firewall Command Injection Vulnerability - 14 hours ago
New Active Directory Pentesting Tool For KeyCredentialLink Management - 14 hours ago
Windows Wi-Fi Password Stealer Malware Found Hosted on GitHub - 16 hours ago
China-linked hackers target European healthcare orgs in suspected espionage campaign | The Record from Recorded Future News - 16 hours ago
CVE-2025-27097 - 20 hours ago
CVE-2025-27098 - 20 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Feds fine Warby Parker $1.5 million for failing to protect customer health data | The Record from Recorded Future News - 24 minutes ago
Hacker steals record $1.46 billion from Bybit ETH cold wallet - 1 hour ago
Hacker steals over $1.46 billion of crypto from Bybit ETH cold wallet - 1 hour ago
China Claim That NSA Allegedly Hacked Northwestern Polytechnical University - 1 hour ago
CISA flags Craft CMS code injection flaw as exploited in attacks - 2 hours ago
ACRStealer Malware Exploiting Google Docs as C2 To Steal Login Credentials - 2 hours ago
Apple pulls iCloud end-to-end encryption feature in the UK - 2 hours ago
Darcula 3.0 Tool Automatically Generates Phishing Kit For Any Brand - 2 hours ago
Ukrainian hackers claim breach of Russian loan company linked to Putin’s ex-wife | The Record from Recorded Future News - 3 hours ago
Black Basta is latest ransomware group to be hit by leak of chat logs | The Record from Recorded Future News - 5 hours ago
CISA Releases 7 ICS Advisories Detailing Vulnerabilities & Exploits - 10 hours ago
Pegasus Spyware Used Widely to Target Individuals in Private Industry & Finance Sectors - 11 hours ago
SPAWNCHIMERA Malware Exploiting Ivanti Buffer Overflow Vulnerability By Applying A Fix - Cyber Security News - 11 hours ago
Chinese Hackers Using New Bookworm Malware In Attacks Targeting Southeast Asia - 12 hours ago
Google Released PoC Exploit for Palo Alto Firewall Command Injection Vulnerability - 14 hours ago
New Active Directory Pentesting Tool For KeyCredentialLink Management - 14 hours ago
Windows Wi-Fi Password Stealer Malware Found Hosted on GitHub - 16 hours ago
China-linked hackers target European healthcare orgs in suspected espionage campaign | The Record from Recorded Future News - 16 hours ago
CVE-2025-1272 - 3 days ago
CVE-2025-27090 - 1 day ago