Vulnerability identifier: #VU28116
Vulnerability risk: High
CVSSv3.1: 9.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-610
Exploitation vector: Network
Exploit availability: Yes
Vulnerable software:
QNAP QTS
Server applications /
File servers (FTP/HTTP)
Photo Station
Client/Desktop applications /
Other client software
Vendor: QNAP Systems, Inc.
Description
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the affected software uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere. A remote attacker can access or modify system files.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
QNAP QTS: 4.4.0.0752 20181112 - 4.4.1.1033 20190818, 4.3.3 - 4.3.6.1033 20190813, 4.2.6 2018082 - 4.2.6 20200421
Photo Station: 6.0.0 - 6.0.2, 5.7.0 - 5.7.9, 5.4.0 - 5.4.8, 5.2.0 - 5.2.10
External links
http://www.qnap.com/zh-tw/security-advisory/nas-201911-25
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.