Saturday, January 18, 2025

Multiple QNAP Vulnerabilities Let Attackers Inject Malicious Codes


QNAP has disclosed a series of vulnerabilities within its operating systems and applications that could potentially allow attackers to compromise system security and execute malicious commands.

These vulnerabilities, identified as CVE-2024-21899, CVE-2024-21900, and CVE-2024-21901, pose significant risks to users of affected QNAP devices.

The company has promptly responded by releasing updates to mitigate these vulnerabilities.

Understanding the Vulnerabilities

CVE-2024-21899: Compromising System Security Through Improper Authentication

This vulnerability could allow unauthorized users to bypass authentication mechanisms, allowing them to compromise the system’s security via a network.


The improper authentication flaw poses a critical risk, as it could enable attackers to gain unauthorized access to sensitive information or disrupt system operations.

CVE-2024-21900: Command Execution Through Injection Vulnerability

CVE-2024-21900 is an injection vulnerability that could allow authenticated users to execute arbitrary commands via a network.

This vulnerability could enable attackers to manipulate the system to their advantage, potentially leading to data theft, system damage, or further unauthorized access.

CVE-2024-21901: SQL Injection Vulnerability

The SQL injection vulnerability, identified as CVE-2024-21901, could allow authenticated administrators to inject malicious code via a network.

This vulnerability is particularly concerning as it could enable attackers to manipulate or corrupt database contents, leading to data loss or unauthorized access.

Hunter recently tweeted about a severe issue related to QNAP operating systems. The tweet warns users to be cautious and take necessary measures to avoid exploitation.

A critical vulnerability (CVE-2024-21899, CVSS 9.8) has been found in multiple versions of QNAP operating systems.

Affected and Fixed Versions

QNAP has taken swift action to address these vulnerabilities by releasing updates for the affected products.

Discovering these vulnerabilities in QNAP’s systems is a crucial reminder to maintain up-to-date security measures. 

The following table outlines the affected products and their corresponding fixed versions:

| Affected Product | Fixed Version |
|---|---|
| QTS 5.1.x | QTS 5.1.3.2578 build 20231110 and later |
| QTS 4.5.x | QTS 4.5.4.2627 build 20231225 and later |
| QuTS hero h5.1.x | QuTS hero h5.1.3.2578 build 20231110 and later |
| QuTS hero h4.5.x | QuTS hero h4.5.4.2626 build 20231225 and later |
| QuTScloud c5.x | QuTScloud c5.1.5.2651 and later |
| myQNAPcloud 1.0.x | myQNAPcloud 1.0.52 (2023/11/24) and later |

Users of the affected versions are urged to update their systems and applications to the latest versions to protect against these vulnerabilities.
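
For teams tracking more than one device, the table above can be turned into an inventory check. The following is an added example, not code from QNAP or from the original article; the function names and the sample inventory are constructed, and it assumes version strings in the "5.1.3.2578 build 20231110" form used in the table.

```python
import re

# Fixed versions copied from the table above.
# Key: (product, affected branch); value: (fixed version, fixed build date or 0).
FIXED = {
    ("QTS", (5, 1)): ((5, 1, 3, 2578), 20231110),
    ("QTS", (4, 5)): ((4, 5, 4, 2627), 20231225),
    ("QuTS hero", (5, 1)): ((5, 1, 3, 2578), 20231110),
    ("QuTS hero", (4, 5)): ((4, 5, 4, 2626), 20231225),
    ("QuTScloud", (5,)): ((5, 1, 5, 2651), 0),
    ("myQNAPcloud", (1, 0)): ((1, 0, 52), 0),
}

# Optional h/c prefix (QuTS hero / QuTScloud), dotted version, optional build date.
_VER = re.compile(r"^[hc]?(\d+(?:\.\d+)*)(?:\s+build\s+(\d{8}))?$", re.I)


def parse(version):
    """Split 'h5.1.3.2578 build 20231110' into ((5, 1, 3, 2578), 20231110)."""
    m = _VER.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    nums = tuple(int(p) for p in m.group(1).split("."))
    return nums, int(m.group(2) or 0)


def status(product, version):
    """Return 'patched', 'vulnerable' or 'not-listed' for one installed version."""
    nums, build = parse(version)
    for (prod, branch), (fixed, fixed_build) in FIXED.items():
        if prod.lower() == product.lower() and nums[:len(branch)] == branch:
            # A missing build date parses as 0, so an exact version match
            # without a build is reported as vulnerable (conservative).
            return "patched" if (nums, build) >= (fixed, fixed_build) else "vulnerable"
    return "not-listed"  # branch does not appear in the table above


if __name__ == "__main__":
    # Constructed inventory for illustration, not real devices.
    inventory = [
        ("QTS", "5.1.2.1000 build 20230101"),
        ("QuTS hero", "h4.5.4.2626 build 20231225"),
        ("myQNAPcloud", "1.0.51"),
    ]
    for product, version in inventory:
        print(f"{product:12} {version:32} {status(product, version)}")
```

A result of 'not-listed' means only that the branch is absent from the table, so such devices need a separate check against QNAP's advisory.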

To safeguard against these vulnerabilities, QNAP strongly recommends that users regularly update their systems and applications to the latest versions.

These updates include critical fixes that can protect devices from potential attacks.

Users can update their QTS, QuTS hero, or QuTScloud systems via the Control Panel’s Firmware Update section or download the updates directly from the QNAP website.

For myQNAPcloud, updates can be performed through the App Center.

The discovery of these vulnerabilities was credited to DEVCORE, under the identifiers ZDI-CAN-22493/22494.

QNAP’s swift response underscores the importance of proactive security measures and the company’s commitment to protecting its users. 

Users of QNAP devices are urged to update their systems immediately to protect against potential threats.


Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.
