QNAP Fixes Improper Authentication Vulnerability Affecting Multiple Versions of QTS
Key Information
- Vendor
- QNAP
- Status
- Qts
- Quts Hero
- Qutscloud
- Vendor
- CVE Published:
- 8 March 2024
Badges
Summary
The articles discuss a critical authentication bypass vulnerability (CVE-2024-21899) affecting multiple versions of QNAP operating systems. This vulnerability allows unauthorized remote access to the NAS device, posing a severe security risk. The vulnerability has been addressed by QNAP with patches available for affected versions. Other vulnerabilities impacting QNAP operating systems are also highlighted, emphasizing the need for immediate updates to mitigate potential security risks. The exploitation of these vulnerabilities could lead to unauthorized access, data compromise, and further attacks, making it crucial for organizations and individuals using QNAP products to prioritize security updates.
Affected Version(s)
QTS < 5.1.3.2578 build 20231110
QTS < 4.5.4.2627 build 20231225
QuTS hero < h5.1.x
News Articles
Arctic Wolf CVE-2024-21899CVE-2024-21899 | Arctic Wolf
On March 8, 2024, QNAP published a security advisory detailing a critical vulnerability affecting multiple QNAP products, CVE-2024-21899 (CVSS: 9.8).
8 months ago
securityonline.info CVE-2024-21899CVE-2024-21899 Archives
VulnerabilityMarch 8, 2024CVE-2024-21899 (CVSS 9.8): Critical QNAP Flaw Opens Door to HackersQNAP has issued a critical security advisory regarding multiple vulnerabilities impacting their NAS software...
8 months ago
NAS Compares CVE-2024-21899CVE-2024-21899
Skip to content Get an email every time there is a new post added on this page (tag)! Are NAS Drives Safe Enough to Use in 2024? Are you a NAS owner? Perhaps you are considering buying a...
8 months ago
CVSS V3.1
Timeline
- 👾
Exploit exists.
First article discovered by securityonline.info
Vulnerability published.
Vulnerability Reserved.