NAS

Zyxel patches critical flaws in EOL NAS devices

CVE, Don't miss, Hot stuff, NAS, News, Outpost24, patch, PoC, vulnerability, Zyxel /

Zyxel patches critical flaws in EOL NAS devices 2024-06-06 at 14:46 By Zeljka Zorz Zyxel has released patches for three critical vulnerabilities (CVE-2024-29972, CVE-2024-29973, and CVE-2024-29974) affecting two network-attached storage (NAS) devices that have recently reached end-of-vulnerability-support. About the vulnerabilities The three vulnerabilities are: A command injection vulnerability in the CGI program that could allow […]

React to this headline:

Loading spinner

Zyxel patches critical flaws in EOL NAS devices Read More »

‘NsaRescueAngel’ Backdoor Account Again Discovered in Zyxel Products

backdoor, NAS, Vulnerabilities, Zyxel /

‘NsaRescueAngel’ Backdoor Account Again Discovered in Zyxel Products 2024-06-05 at 15:03 By Ionut Arghire Critical vulnerabilities in discontinued Zyxel NAS products allow unauthenticated attackers to execute arbitrary code and OS commands. The post ‘NsaRescueAngel’ Backdoor Account Again Discovered in Zyxel Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

‘NsaRescueAngel’ Backdoor Account Again Discovered in Zyxel Products Read More »

QNAP Rushes Patch for Code Execution Flaw in NAS Devices

exploit code, NAS, Network Security, QNAP, remote code execution, Vulnerabilities /

QNAP Rushes Patch for Code Execution Flaw in NAS Devices 2024-05-21 at 19:46 By Ionut Arghire QNAP rolls out patches for multiple vulnerabilities after proof-of-concept exploit published for a remote code execution vulnerability. The post QNAP Rushes Patch for Code Execution Flaw in NAS Devices appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

QNAP Rushes Patch for Code Execution Flaw in NAS Devices Read More »

15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130)

Don't miss, Hot stuff, NAS, News, PoC, QNAP, security update, vulnerability, WatchTowr /

15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130) 2024-05-21 at 17:31 By Zeljka Zorz Researchers have found 15 vulnerabilities in QNAP’s network attached storage (NAS) devices, and have released a proof-of-concept for one: an unauthenticated stack overflow vulnerability (CVE-2024-27130) that may be leveraged for remote code execution. The vulnerabilities and the CVE-2024-27130

React to this headline:

Loading spinner

15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130) Read More »

Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices

D-Link, exploited, Featured, IoT Security, NAS /

Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices 2024-04-09 at 13:16 By Eduard Kovacs Unpatched D-Link NAS device vulnerability CVE-2024-3273, potentially affecting many devices, is being exploited in the wild. The post Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices Read More »

92,000+ internet-facing D-Link NAS devices accessible via “backdoor” account (CVE-2024-3273)

D-Link, Don't miss, Hot stuff, NAS, News, vulnerability /

92,000+ internet-facing D-Link NAS devices accessible via “backdoor” account (CVE-2024-3273) 2024-04-08 at 12:01 By Zeljka Zorz A vulnerability (CVE-2024-3273) in four old D-Link NAS models could be exploited to compromise internet-facing devices, a threat researcher has found. The existence of the flaw was confirmed by D-Link last week, and an exploit for opening an interactive

React to this headline:

Loading spinner

92,000+ internet-facing D-Link NAS devices accessible via “backdoor” account (CVE-2024-3273) Read More »

QNAP fixes OS command injection flaws affecting its NAS devices (CVE-2023-47218, CVE-2023-50358)

Don't miss, enterprise, Hot stuff, NAS, News, Palo Alto Networks, QNAP, Rapid7, security update, SMBs, vulnerability /

QNAP fixes OS command injection flaws affecting its NAS devices (CVE-2023-47218, CVE-2023-50358) 2024-02-14 at 12:46 By Zeljka Zorz QNAP Systems has patched two unauthenticated OS command injection vulnerabilities (CVE-2023-47218, CVE-2023-50358) in various versions of the operating systems embedded in the firmware of their popular network-attached storage (NAS) devices. About the vulnerabilities (CVE-2023-47218, CVE-2023-50358) Both vulnerabilities

React to this headline:

Loading spinner

QNAP fixes OS command injection flaws affecting its NAS devices (CVE-2023-47218, CVE-2023-50358) Read More »

Akira ransomware attackers are wiping NAS and tape backups

backup, Cisco, Don't miss, EU, exploit, Hot stuff, NAS, News, Ransomware, vulnerability /

Akira ransomware attackers are wiping NAS and tape backups 2024-01-12 at 16:17 By Helga Labus “The Akira ransomware malware, which was first detected in Finland in June 2023, has been particularly active at the end of the year,” the Finnish National Cybersecurity Center (NCSC-FI) has shared on Wednesday. NCSC-FI has received 12 reports of Akira

React to this headline:

Loading spinner

Akira ransomware attackers are wiping NAS and tape backups Read More »

Critical Zyxel NAS vulnerabilities patched, update quickly!

Don't miss, Hot stuff, IBM X-Force, NAS, News, security update, vulnerability, Zyxel /

Critical Zyxel NAS vulnerabilities patched, update quickly! 01/12/2023 at 14:33 By Zeljka Zorz Zyxel has patched six vulnerabilities affecting its network attached storage (NAS) devices, including several (OS) command injection flaws that can be easily exploited by unauthenticated attackers. The vulnerabilities in Zyxel NAS devices One of the six plugged security holes is an improper

React to this headline:

Loading spinner

Critical Zyxel NAS vulnerabilities patched, update quickly! Read More »

Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices

CISA KEV, firewall, NAS, Network Security, Ransomware, Vulnerabilities, Zyxel /

Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices 30/11/2023 at 20:18 By Ryan Naraine Zyxel patches at least 15 security flaws that expose users to authentication bypass, command injection and denial-of-service attacks. The post Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Major Security Flaws in Zyxel Firewalls, Access Points, NAS Devices Read More »

Western Digital, Synology NAS Vulnerabilities Exposed Millions of Users’ Files

NAS, Vulnerabilities, WD /

Western Digital, Synology NAS Vulnerabilities Exposed Millions of Users’ Files 09/08/2023 at 21:03 By Eduard Kovacs Critical vulnerabilities discovered in WD and Synology NAS devices could have exposed the files of millions of users. The post Western Digital, Synology NAS Vulnerabilities Exposed Millions of Users’ Files appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Western Digital, Synology NAS Vulnerabilities Exposed Millions of Users’ Files Read More »

Zyxel patches critical vulnerability in NAS devices (CVE-2023-27992)

Don't miss, NAS, News, security update, vulnerability, Zyxel /

Zyxel patches critical vulnerability in NAS devices (CVE-2023-27992) 20/06/2023 at 13:05 By Zeljka Zorz Zyxel has released firmware patches for a critical vulnerability (CVE-2023-27992) in some of its consumer network attached storage (NAS) devices. About CVE-2023-27992 CVE-2023-27992 is an OS command injection flaw that could be triggered remotely by an unauthenticated attacker, via a specially

React to this headline:

Loading spinner

Zyxel patches critical vulnerability in NAS devices (CVE-2023-27992) Read More »

Zyxel patches vulnerability in NAS devices (CVE-2023-27988)

Don't miss, Hot stuff, NAS, News, security update, vulnerability, Zyxel /

Zyxel patches vulnerability in NAS devices (CVE-2023-27988) 31/05/2023 at 14:51 By Helga Labus Zyxel has patched a high-severity authenticated command injection vulnerability (CVE-2023-27988) in some of its network attached storage (NAS) devices aimed at home users. About the vulnerability (CVE-2023-27988) The vulnerability was discovered in the devices’ web management interface. “An authenticated attacker with administrator

React to this headline:

Loading spinner

Zyxel patches vulnerability in NAS devices (CVE-2023-27988) Read More »

Scroll to Top