Saturday, January 23, 07:40
Home security QNAP: Fixes critical vulnerabilities affecting NAS devices

QNAP: Fixes critical vulnerabilities affecting NAS devices

Η QNAP corrected two critical vulnerabilities security in practice Helpdesk, which could allow potential intruders to take control of NAS devices.

QNAP: Fixes critical vulnerabilities affecting NAS devices

The Helpdesk is application which allows owners of QNAP NAS devices to submit direct requests for assistance to the supplier. To do this, the application has a specific license.

The two vulnerabilities security have been named CVE-2020-2506 and CVE-2020-2507 and are "improper access control vulnerabilities".

QNAP said that if an attacker manages to exploit the two vulnerabilities, he will be able to gain control of a device QNAP NAS.

However, as we said above, the Taiwan-based company fixed the security issues with the issue Helpdesk 3.0.3 and later.

Here are the steps you need to follow to update your Helpdesk:

  • Log in to QTS as an administrator.
  • Open the Application Center and click the magnifying glass.
  • A search box appears.
  • Type “Helpdesk,” then press ENTER.
  • Helpdesk appears in search results.
  • Click Update (The Update button is not available if you are using the latest version).
  • A confirmation message is displayed.
  • Click OK.

If you follow the above procedure, the Helpdesk will be updated, so QNAP NAS devices will remain secure.

QNAP: Fixes critical vulnerabilities affecting NAS devices

In recent months, QNAP NAS Appliances have been targeted hackers and the existence of vulnerabilities facilitates their work. Recently, QNAP advised its customers to update firmware And the applications installed on NAS devices to protect against AgeLocker ransomware.

According to Security Affairs, device owners need to make the updates, because experts say that at the moment there is no free way to restore them data, encrypted by AgeLocker ransomware.

In addition, in early August, QNAP had warned users about QSnatch malware (data theft malware) and had prompted them to update the application Malware Remover. At that time, the CISA and National Cyber ​​Security Center (NCSC) of the United Kingdom had released a joint announcement on a massive Qsnatch malware distribution campaign.

Finally, a few months ago, the company had warned them users her for her eCh0raix ransomware.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Digital Fortresshttps://www.secnews.gr
Pursue Your Dreams & Live!

LIVE NEWS

Intel CPUs Review: Core i7-10700 vs Core i7-10700K!

Over the years, the Intel series of processors (CPUs) introduced the series of overclocking models "K" and more recently the series ...

The DeLorean can return as an electric car

The DMC DeLorean has been out of production for almost 40 years, but it looks like the iconic vehicle will return as an electric car.

Windows RDP servers are used to support DDoS

Cybercrime gangs are abusing Windows Remote Desktop Protocol (RDP) systems to reinforce the unwanted ...

SEPA: He refused to pay a ransom and thousands of files were leaked

Thousands of stolen files of the Scottish Environmental Protection Agency (SEPA) have been published by hackers, after the organization refused to pay the ransom ...

Fines at Valve, Capcom and Zenimax for geo-exclusion of games

Following a European Commission investigation, a group of video game publishers was fined € 7,8 million following allegations of geo-exclusion practices. In...

Bitcoin helps the middle class survive the pandemic

Regulators still imply that Bitcoin is just a tool for criminals, but it seems that for the middle class ...

Lightworks 2021.1 for Linux, Mac and Windows has been released

Lightworks Professional Multi-Platform Video Editing Software received the first major update to Lightworks 2021.1 for Windows, Linux and Mac.

Netflix: Watch the 9 best Anime movies of all time

One of the good things about the pandemic was that many people were introduced to the anime world. And the issue with anime is ...

CHwapi: Windows BitLocker "hit" the Belgian hospital!

The CHwapi hospital in Belgium was attacked by a cyber attack on January 17, with hackers claiming to have encrypted 40 servers and 100 ...

CPU / GPU Lotteries: Newegg sells the few on the market

Hardware shortages are not uncommon, but the pandemic has worsened the situation. The whole planet is closed to ...