China IT News3.0  
Home > News content

At least 29000 facilities were affected, and WeiUnicom announced that there were serious loopholes in QTS and QuTS hero.

via:IT之家     time:2023/2/1 16:02:09     readed:240

News from IT House on February 1, NAS manufacturer QNAP recently issued a security announcement.Indicates that there is a serious vulnerability in QTS 5.0.1 and QuTS hero h5.0.1 software CVE-2022-27596 that may allow attackers to plant malicious code in the firmware.

The vulnerability has a score of 9.8 in CVSS v3 (with a maximum score of 10), so IT Home recommends netizens who use the above two software to upgrade as soon as possible.

QNAP has not disclosed any further details about the vulnerability. According to Bleeping Computer, vulnerability CVE-2022-27596 is classified as "improper use of special elements in SQL commands" (SQL injection).

Devices running the following software versions are affected:

  • QTS 5.x

  • QuTS hero h5.x

WeiUnicom has fixed the above vulnerabilities, and users are recommended to upgrade to:

  • QTS 5.0.1.2234 build 20221201 and later

  • QuTS hero h5.0.1.2248 build 20221215 and later

Bleeping Computer pointed out in the report that at least 29000 facilities were affected. A report by Censys security researchers further pointed out that of the more than 60000 QNAP NAS devices found online, only about 550were patched.

translate engine: 腾讯

China IT News APP

Download China IT News APP

Recommended use China IT News APP

Download flyfish app to read news

open APP to read this news.

Please rate this news

The average score will be displayed after you score.

Post comment

Do not see clearly? Click for a new code.

User comments

Related news
Taobao special edition will go online wechat app? At Berlin wall or broken down
At least 29000 facilities were affected, and WeiUnicom announced that there were serious loopholes in QTS and QuTS hero.
China Unicom has released QTS 5.1.0 official version of NAS operating system, which supports SMB multi-channel
Hot news this week
300 million subsidy! Telecom gives benefits: traffic 100 free of charge, 200g and gigabit broadband
Apple fans issued an order for Lulai mobile phone: the system is as clean as iOS. Don't buy a car without Wei Wei.
Apple fights Huawei! iPhone15, Mate60 plus single million: Rongmi OV who will be left behind
After Huawei breaks through 5G! Qualcomm's days are even worse, with 60% of its revenue coming from China.
Domestic chip is also used! Huawei: We never said that we would get stronger if we beat the United States
Netizens experience the new Redmi product in Xiaomi House: it is really outrageous and good in texture.
Nokia announced that it will open an "innovation laboratory" in Dubai to promote the application of AI technology in the field of network automation.
Full capacity: it is reported that Nvidia is chasing a single AI chip, and TSMC urgently buys more CoWoS packaging equipment.
Huawei ten thousand yuan machine king wants to scramble for the new Mate product the real machine leaks: standard iP15 Pro Max
China's first "zero formaldehyde" MPV! Wei brand mountain passed the identification: Dad rest assured
The most popular news this week
Science and technology last night and this morning 0929: SARFT: the first stage of charging for TV "dolls" has begun; the Internet Information Office: those who provide personal in...
Google machete department will do it again, and the whiteboard application Jamboard will be suspended at the end of next year.
The report says malware ads infiltrated Microsoft Bing chat.
I'm sure! The State Administration of Radio, Film and Television will control the charge for TV dolls: you can watch it directly when you turn it on.
France has approved a software update for Apple's iPhone 12: Addressing excessive radiation levels
The first batch of FSR 3 support games confirm that the A card will also have frame generation when it comes online tomorrow.
After the successful launch of the sun and moon probe! India is full of confidence: take Venus
It is reported that Epic has laid off nearly 900 employees: the company cannot make ends meet.
The Chinese mobile phone that the Saudi tycoon likes: it is not sold at home, and its sales in the Middle East have surpassed that of Apple.
The woman who took a high-speed train carriage full of express delivery on the wrong peak: If you think it's funny, write it down