Uncontrolled Resource Consumption Vulnerability in QNAP Operating Systems
CVE-2022-27600

6.8MEDIUM

Key Information:

Vendor: QNAP
Status: Qts; Quts Hero; Qutscloud
Vendor: CVE Published:; 19 December 2024

What is CVE-2022-27600?

CVE-2022-27600 is an uncontrolled resource consumption vulnerability that affects various versions of QNAP's operating systems. This vulnerability could be exploited by remote attackers to execute a denial-of-service (DoS) attack, which would disrupt legitimate user access and affect the overall performance of the affected systems. QNAP has issued fixes in certain versions to mitigate this risk. Users are strongly advised to upgrade to the patched versions to protect their systems from potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

QTS 5.0.x < 5.0.1.2277

QTS 4.5.x < 4.5.4.2280 build 20230112

QuTS hero h5.0.x

References

https://www.qnap.com/en/security-advisory/qsa-23-09

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Dec 19, 2024
Vulnerability Reserved
Mar 21, 2022

Credit

huasheng_mangguo

JSON

QNAP

What is CVE-2022-27600?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.