Vulnerabilities > Qnap > TS 639 PRO Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2009-09-21 CVE-2009-3278 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Qnap Ts-239 PRO Firmware and Ts-639 PRO Firmware
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 use the rand library function to generate a certain recovery key, which makes it easier for local users to determine this key via a brute-force attack.
local
low complexity
qnap CWE-338
5.5