Security News > 2023 > December > QNAP VioStor NVR vulnerability actively exploited by malware botnet

QNAP VioStor NVR vulnerability actively exploited by malware botnet
2023-12-16 16:17

A Mirai-based botnet named 'InfectedSlurs' is exploiting a remote code execution vulnerability in QNAP VioStor NVR devices to hijack and make them part of its DDoS swarm.

The second zero-day vulnerability in the botnet's attacks is CVE-2023-47565, a high-severity OS command injection impacting QNAP VioStor NVR models running QVR firmware 4.x. QNAP published an advisory on December 7, 2023, explaining that the previously unknown issue was fixed in QVR firmware 5.x and later, which is available to all actively supported models.

Since version 5.0.0 was released nearly a decade ago, it is deduced that the Infected Slurs botnet targets legacy VioStor NVR models that never updated their firmware after initial setup.

A VioStor NVR model that has reached EOL may not have an available update that includes firmware 5.x or later.

These devices will not receive a security update, so the only solution is to replace them with newer, actively supported models.

New botnet malware exploits two zero-days to infect NVRs and routers.


News URL

https://www.bleepingcomputer.com/news/security/qnap-viostor-nvr-vulnerability-actively-exploited-by-malware-botnet/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-12-08 CVE-2023-47565 Unspecified vulnerability in Qnap QVR Firmware
An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x.
network
low complexity
qnap
8.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Qnap 80 4 97 122 76 299