QNAP Fixes Improper Authentication Vulnerability Affecting Multiple Versions of QTS
CVE-2024-21899

9.8 CRITICAL

Key Information:

Vendor
QNAP
CVE Published:
8 March 2024

Badges

👾 Exploit Exists 📰 News Worthy

Summary

The articles discuss a critical authentication bypass vulnerability (CVE-2024-21899) affecting multiple versions of QNAP operating systems. This vulnerability allows unauthorized remote access to the NAS device, posing a severe security risk. The vulnerability has been addressed by QNAP with patches available for affected versions. Other vulnerabilities impacting QNAP operating systems are also highlighted, emphasizing the need for immediate updates to mitigate potential security risks. The exploitation of these vulnerabilities could lead to unauthorized access, data compromise, and further attacks, making it crucial for organizations and individuals using QNAP products to prioritize security updates.

Affected Version(s)

QTS 5.1.x < 5.1.3.2578 build 20231110

QTS 4.5.x < 4.5.4.2627 build 20231225

QuTS hero h5.1.x

News Articles

CVE-2024-21899 | Arctic Wolf

On March 8, 2024, QNAP published a security advisory detailing a critical vulnerability affecting multiple QNAP products, CVE-2024-21899 (CVSS: 9.8).

10 months ago

CVE-2024-21899 Archives

Vulnerability | March 8, 2024 | CVE-2024-21899 (CVSS 9.8): Critical QNAP Flaw Opens Door to Hackers | QNAP has issued a critical security advisory regarding multiple vulnerabilities impacting their NAS software...

10 months ago

CVE-2024-21899

Are NAS Drives Safe Enough to Use in 2024? Are you a NAS owner? Perhaps you are considering buying a...

10 months ago

CVSS V3.1

Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • 🟡 Public PoC available

  • 👾 Exploit known to exist

  • 📰 First article discovered by securityonline.info

  • Vulnerability published

  • Vulnerability Reserved

Credit

ZDI-CAN-22493/22494: DEVCORE