QNAP Updates
1603Warning Date
Severity Level
Warning Number
Target Sector
12 December, 2021
● High
2021-4012
All
Description:
QNAP has released security updates to address several vulnerabilities in the following products:
- QNAP NAS running Surveillance Station
- QNAP NAS running Kazoo Server
- Qfile for Android
Threats:
An attacker could exploit these vulnerabilities by doing the following:
- Cross-site scripting (XSS)
- Execute arbitrary code
Best practice and Recommendations:
The CERT team encourages users to review QNAP security advisory and apply the necessary updates: