Security News > 2023 > December > QNAP VioStor NVR vulnerability actively exploited by malware botnet
A Mirai-based botnet named 'InfectedSlurs' is exploiting a remote code execution vulnerability in QNAP VioStor NVR devices to hijack and make them part of its DDoS swarm.
The second zero-day vulnerability in the botnet's attacks is CVE-2023-47565, a high-severity OS command injection impacting QNAP VioStor NVR models running QVR firmware 4.x. QNAP published an advisory on December 7, 2023, explaining that the previously unknown issue was fixed in QVR firmware 5.x and later, which is available to all actively supported models.
Since version 5.0.0 was released nearly a decade ago, it is deduced that the Infected Slurs botnet targets legacy VioStor NVR models that never updated their firmware after initial setup.
A VioStor NVR model that has reached EOL may not have an available update that includes firmware 5.x or later.
These devices will not receive a security update, so the only solution is to replace them with newer, actively supported models.
New botnet malware exploits two zero-days to infect NVRs and routers.
News URL
Related news
- AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services (source)
- Volt Typhoon rebuilds malware botnet following FBI disruption (source)
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- BadBox malware botnet infects 192,000 Android devices despite disruption (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-08 | CVE-2023-47565 | Unspecified vulnerability in Qnap QVR Firmware An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. | 8.8 |