Search

安全ID : QSA-22-07

Vulnerability in QVR

  • 发布日期 : May 6, 2022

  • 通用漏洞披露 : CVE-2022-27588

  • 受影响产品: QNAP VS Series NVR

严重程度

严重

状态

已解决

Summary

A vulnerability has been reported to affect QNAP VS Series NVR running QVR. If exploited, this vulnerability allows remote attackers to run arbitrary commands.

We have already fixed the vulnerability in the following versions of QVR:

  • QVR 5.1.6 build 20220401 and later

Recommendation

To secure your device, we strongly recommend updating your system to the latest version to benefit from vulnerability fixes.

Updating QVR

  1. Log on to QVR as administrator.
  2. Go to Control Panel > System Settings > Firmware Update.
  3. Select the Firmware Update tab.
  4. Click Browse... to upload the latest firmware file.
    Tip: Download the latest firmware file for your specific device from https://www.qnap.com/go/download.
  5. Click Update System.
    QVR installs the update.

致谢: 00One, Inc. Chuya Hayakawa

修订历史:
V1.0 (May 6, 2022) - Published
V1.1 (May 11, 2022) - Change acknowledgement by the request of JPCERT/CC

选择规格

      显示更多 隐藏更多
      open menu
      back to top