Security News > 2024 > May > QNAP Patches New Flaws in QTS and QuTS hero Impacting NAS Appliances

QNAP Patches New Flaws in QTS and QuTS hero Impacting NAS Appliances
2024-05-22 05:15

Taiwanese company QNAP has rolled out fixes for a set of medium-severity flaws impacting QTS and QuTS hero, some of which could be exploited to achieve code execution on its network-attached storage (NAS) appliances. The issues, which impact QTS 5.1.x and QuTS hero h5.1.x, are listed below - CVE-2024-21902 - An incorrect permission assignment for critical resource


News URL

https://thehackernews.com/2024/05/qnap-patches-new-flaws-in-qts-and-quts.html

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-05-21 CVE-2024-21902 Incorrect Permission Assignment for Critical Resource vulnerability in Qnap QTS and Quts Hero
An incorrect permission assignment for critical resource vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-732
8.1
8.1

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Qnap 96 16 126 133 34 309