• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Nearly 30,000 QNAP Devices Exposed Via New Bug

You are here: Home / General Cyber Security News / Nearly 30,000 QNAP Devices Exposed Via New Bug
February 1, 2023

A critical new vulnerability disclosed by network-connected storage (NAS) seller QNAP this 7 days could be exploited on pretty much 30,000 equipment globally, according to Censys.

The security agency scanned the internet to come across 67,415 hosts running QNAP-centered methods all-around the planet. Though it could only find the model range on 30,250 of them, a worrying 98% have been likely vulnerable to an attack exploiting the new flaw.

Only a number of hundred ended up working the updated firmware variations unveiled by the Taiwanese vendor to remediate the bug, said Censys senior security researchers, Mark Ellzey.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


“We found that of the 30,520 hosts with a version, only 557 ended up running QuTS Hero bigger than or equivalent to ‘h5..1.2248’ or QTS bigger than or equivalent to ‘5..1.2234,’ meaning 29,968 hosts could be afflicted by this vulnerability,” he warned.

“If the exploit is printed and weaponized, it could spell difficulty to countless numbers of QNAP end users. Absolutely everyone have to enhance their QNAP equipment right away to be secure from future ransomware campaigns.”

Most of the vulnerable hosts reside in the US (3149), followed by Italy (3200) and Taiwan (1942).

Particulars of the vulnerability in problem, CVE-2022-27596, are becoming kept under wraps for now, presumably to give consumers time to patch. Even so, it may well not be extensive just before danger actors search to weaponize it in exploits, Censys warned.

“We’ve mentioned issues with QNAP about the Deadbolt ransomware strategies, which at their height infected around 20,000 equipment and successfully stole just underneath $200,000 from victims. Though there are no indications that bad actors are utilizing this new exploit, the threat is unquestionably on the horizon,” Ellzey argued.

“Given that the Deadbolt ransomware is geared to concentrate on QNAP NAS gadgets exclusively, it’s really probably that if an exploit is built community, the very same criminals will use it to unfold the exact same ransomware all over again.”

The CVE appears to be an SQL injection vulnerability which is trivial to exploit and requires no authentication. It was supplied a CVSS rating of 9.8.


Some components of this article are sourced from:
www.infosecurity-magazine.com

Previous Post: «auditing kubernetes with open source siem and xdr Auditing Kubernetes with Open Source SIEM and XDR
Next Post: Prilex PoS Malware Evolves to Block Contactless Payments to Steal from NFC Cards prilex pos malware evolves to block contactless payments to steal»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
  • Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
  • CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk
  • Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
  • WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network
  • New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes
  • AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar
  • Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
  • Non-Human Identities: How to Address the Expanding Security Risk
  • ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

Copyright © TheCyberSecurity.News, All Rights Reserved.