Security News > 2024 > May > 15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130)
Researchers have found 15 vulnerabilities in QNAP's network attached storage devices, and have released a proof-of-concept for one: an unauthenticated stack overflow vulnerability that may be leveraged for remote code execution.
"Given the shared-access model of the NAS device, which permits sharing files with specific users, both authenticated and unauthenticated bugs were of interest to us," they said.
A requirement for a successful attack is knowing the correct ssid parameter to use, and the researchers have figured out how to get it: it can be extracted from a link generated when a NAS user shares a file with a user who doesn't have a NAS account.
"While this limits the usefulness of the bug a little - true unauthenticated bugs are much more fun! - it's a completely realistic attack scenario that a NAS user has shared a file with an untrusted user," they noted.
QNAP NAS devices are popular with small-and-medium sized business, enterprises, as well as ransomware gangs.
The researchers reported the vulnerabilities to QNAP in December 2023 and January 2024, and QNAP has finally begun releasing fixes in April 2024.
News URL
https://www.helpnetsecurity.com/2024/05/21/cve-2024-27130-poc/
Related news
- QNAP fixes NAS backup software zero-day exploited at Pwn2Own (source)
- Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443) (source)
- QNAP pulls buggy QTS firmware causing widespread NAS issues (source)
- QNAP addresses critical flaws across NAS, router software (source)
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)