CVE-2022-27596
Thousands of QNAP network-attached storage (NAS) devices have a critical security flaw that needs to be patched.
QNAP has stated that the vulnerability affects QNAP devices running QTS 5.0.1 and QuTS hero h5.0.1.
If exploited, this vulnerability allows remote attackers to inject malicious code.
QNAP claims to have already fixed this vulnerability in the following operating system versions:
- QTS 5.0.1.2234 build 20221201 and later
- QuTS hero h5.0.1.2248 build 20221215 and later
If exploited, the vulnerability would allow remote actors to inject malicious code into Internet-exposed, unpatched QNAP devices through a SQL injection vulnerability.
It is important for QNAP customers to patch their NAS devices before threat actors can exploit the vulnerability, as NAS devices have been targeted by multiple ransomware strains in recent years.
In addition to updating, customers should also consider not exposing their devices online to prevent remote exploitation, and if a device needs to be accessible online, make sure to harden and limit access to the device as much as possible. FRSecure recommends that for remote access to such devices, securing them behind a VPN, and utilizing modern authentication methods, unique credentials and MFA, is best.