Security News > 2023 > December > QNAP VioStor NVR vulnerability actively exploited by malware botnet
A Mirai-based botnet named 'InfectedSlurs' is exploiting a remote code execution vulnerability in QNAP VioStor NVR devices to hijack and make them part of its DDoS swarm.
The second zero-day vulnerability in the botnet's attacks is CVE-2023-47565, a high-severity OS command injection impacting QNAP VioStor NVR models running QVR firmware 4.x. QNAP published an advisory on December 7, 2023, explaining that the previously unknown issue was fixed in QVR firmware 5.x and later, which is available to all actively supported models.
Since version 5.0.0 was released nearly a decade ago, it is deduced that the Infected Slurs botnet targets legacy VioStor NVR models that never updated their firmware after initial setup.
A VioStor NVR model that has reached EOL may not have an available update that includes firmware 5.x or later.
These devices will not receive a security update, so the only solution is to replace them with newer, actively supported models.
New botnet malware exploits two zero-days to infect NVRs and routers.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-08 | CVE-2023-47565 | OS Command Injection vulnerability in Qnap QVR Firmware An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. | 8.8 |