QNAP Warns of OpenSSL Infinite Loop Vulnerability Affecting NAS Devices

2022-03-30 20:30

Taiwanese company QNAP this week revealed that a selected number of its network-attached storage appliances are affected by a recently-disclosed bug in the open-source OpenSSL cryptographic library.

"An infinite loop vulnerability in OpenSSL has been reported to affect certain QNAP NAS," the company said in an advisory published on March 29, 2022.

"If exploited, the vulnerability allows attackers to conduct denial-of-service attacks."

QNAP, which is currently investigating its line-up, said it affects the following operating system versions -.

QuTScloud c5.0.x. To date, there is no evidence that the vulnerability has been exploited in the wild.

The advisory comes a week after QNAP released security updates for QuTS hero to address the "Dirty Pipe" local privilege escalation flaw impacting its devices.

News URL

https://thehackernews.com/2022/03/qnap-warns-of-openssl-infinite-loop.html

#NAS #openssl #qnap #vulnerability

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Qnap		96	16	126	133	34	309
Openssl		2	12	92	51	16	171

News URL

Related news

Related vendor