Endpoint/Device Security, Vulnerability Management

Nearly 30K QNAP NAS devices affected by critical bug

BleepingComputer reports that 29,968 QNAP network-attached storage devices could be compromised with potential attacks leveraging a critical SQL injection flaw, tracked as CVE-2022-27596, which has been patched by QNAP on Monday. Such figures indicate that more than 98% of identified QNAP NAS devices remain vulnerable to the security bug, according to a Censys report. Immediate application of fixes to unpatched QNAP NAS instances has been urged, with QNAP NAS being a common target of ransomware, including eCh0raix/QNAPCrypt, Muhstik, Qlocker, Agelocker, QSnatch, Checkmate, and Deadbolt. "If the exploit is published and weaponized, it could spell trouble to thousands of QNAP users. Everyone must upgrade their QNAP devices immediately to be safe from future ransomware campaigns," said Censys senior security researcher Mark Ellzey. Aside from implementing the updates, entities using internet-exposed QNAP devices have also been recommended to disable their router's Port Forwarding function, as well as deactivate QNAP NAS' UPnP functionality to avert attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.