Concerning reflected XSS Vulnerability in Ragic Cloud DB, CSRF vulnerability in QmailAgent, and heap-based buffer overflow vulnerability in QTS and QuTS hero NAS OS
Source: StorageNewsletter.com
Qnap Systems, Inc. had published security enhancement against security vulnerabilities that could affect specific versions of company’s products.
Use following information and solutions to correct security issues and vulnerabilities.
Advisory includes following:
- Reflected XSS Vulnerability in Ragic Cloud DB (ID: QSA-21-48)
- CSRF Vulnerability in QmailAgent (ID: QSA-21-49)
- Heap-Based Buffer Overflow Vulnerability in QTS and QuTS hero (ID:QSA-21-50)
Reflected XSS Vulnerability in Ragic Cloud DB
Release date: November 19, 2021
Security ID: QSA-21-48
Severity: Medium
CVE identifier: CVE-2021-38681
Affected products: Qnap NAS running Ragic Cloud DB
Summary
A reflected cross-site scripting (XSS) vulnerability has been reported to affect Qnap NAS running Ragic Cloud DB. If exploited, this vulnerability allows remote attackers to inject malicious code.
The company have already disabled and removed Ragic Cloud DB from the Qnap App Center, pending a security patch from Ragic.
CSRF Vulnerability in QmailAgent
Release date: November 19, 2021
Security ID: QSA-21-49
Severity: Medium
CVE identifier: CVE-2021-34358
Affected products: Qnap NAS running QmailAgent
Summary
A cross-site request forgery (CSRF) vulnerability has been reported to affect Qnap NAS running QmailAgent. If exploited, this vulnerability allows remote attackers to trick a victim into performing unintended actions on the web application while the victim is logged in.
The company have already fixed this vulnerability in following versions of QmailAgent:
- QmailAgent 3.0.2 (2021/08/25) and later
Heap-Based Buffer Overflow Vulnerability in QTS and QuTS hero NAS OS
Release date: November 19, 2021
Security ID: QSA-21-50
Severity: High
Affected products: Qnap NAS running QTS and QuTS hero
Summary
A heap-based buffer overflow vulnerability has been reported to affect Qnap NAS devices that have Apple File Protocol (AFP) enabled in QTS or QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary code.
The company have already fixed this vulnerability in following versions of QTS and QuTS hero:
- QTS 5.0.0.1808 build 20211001 and later
- QTS 4.5.4.1800 build 20210923 and later
- QTS 4.3.6.1831 build 20211019 and later
- QTS 4.3.3.1799 build 20211008 and later
- QuTS hero h5.0.0.1844 build 20211105 and later
- QuTS hero h4.5.4.1813 build 20211006 and later
Questions regarding this issue: contact