all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

QNAP warns about critical vulnerabilities in NAS systems

Add to bookmarks
Nov. 8, 2023, 12:05 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

QNAP has published a security advisory about two critical vulnerabilities that could allow remote attackers to execute commands via a network.


One of the vulnerabilities affects the QTS and QuTS operating systems (OS) for QNAP’s network attached storage systems (NAS). The second one can be found in versions of QTS, the Multimedia Console, and the Media Streaming add-on.


CVE-2023-23368


The first vulnerability, CVE-2023-23368 (CVSS score 9.8 out of 10), is an OS command injection vulnerability.


OS command injection (also …

advisory a network attackers critical critical vulnerabilities found nas network operating systems qnap security security advisory storage storage systems systems vulnerabilities

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Leveling the cybersecurity playing field an hour ago | malware.news
article blumira cybersecurity entry +4
Hardware cybersecurity leader, Flexxon, introduces Server Defender an hour ago | malware.news
advanced article cybersecurity defender +8
Automated pentesting in the cloud an hour ago | malware.news
article automated challenge cloud +10
How to revamp your cybersecurity in the middle of the chaos an hour ago | malware.news
article attackers chaos cybersecurity +8
6K-plus AI models may be affected by critical RCE vulnerability 3 hours ago | malware.news
ai models article attacks critical +14
Zscaler annual phishing report finds a near 60% increase in phishing attacks in 2023 4 hours ago | malware.news
article attacks link media +6
Microsoft, North Korea, Santander, CISA, Deepfakes, Aaran Leyland & More - SWN #387 6 hours ago | malware.news
amp article cisa deepfakes +8
Exploring Adlumin's Impactful Role in SMB Cybersecurity with CEO Robert Johnson and NightDragon's Dave DeWalt 6 hours ago | malware.news
2024 rsa conference adlumin ceo challenges +22
Malicious Life Podcast: Unmasking Secrets: The Rise of Open-Source Intelligence 6 hours ago | malware.news
airlines data dive episode +19

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Cloud Security Engineer

@ City National Bank of Florida | Miami, FL, United States
View on infosec-jobs.com

Principal Security Engineer

@ VIANT | New York City
View on infosec-jobs.com

Associate Detection & Response Analyst

@ Rapid7 | VA Arlington 22203
View on infosec-jobs.com