安全ID : NAS-201808-01

Security Advisory for Vulnerabilities in FFmpeg

发布日期 : August 1, 2018
通用漏洞披露 : CVE-2017-11399 | CVE-2017-11665 | CVE-2017-14223 | CVE-2017-14169 | CVE-2017-14225 | CVE-2017-17081 | CVE-2017-5024 | CVE-2017-9993
受影响产品: QTS 4.3.4 build 20180528 and earlier

严重程度

Important

状态

已解决

Summary

Several vulnerabilities were recently found in FFmpeg. If exploited, these vulnerabilities could allow remote attackers to launch DDoS attacks or access sensitive information on the device.

We have already fixed these and other older FFmpeg issues in QTS 4.3.4 build 20180710 and later.

Recommendation

To fix these vulnerabilities, we recommend updating QTS to the latest version.

Installing the QTS Update

Log on to QTS as administrator.
Go to Control Panel > System > Firmware Update.
Under Live Update, click Check for Update.

Tip: You can also download the update from the QNAP website. Go to Support > Download, and then perform a manual update.

修订历史: V1.0 (August 1, 2018) - Published