3 matches found
Command injection vulnerability in QNAP VioStar series NVR
Overview VioStar series NVR provided by QNAP Systems, Inc. contains a command injection vulnerability CVE-2022-27588, CWE-77. Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact An arbitrary command may be executed by a remote...
QNAP Releases Firmware Patches for 9 New Flaws Affecting NAS Devices
QNAP, Taiwanese maker of network-attached storage NAS devices, on Friday released security updates to patch nine security weaknesses, including a critical issue that could be exploited to take over an affected system. "A vulnerability has been reported to affect QNAP VS Series NVR running QVR,"...
CVE-2022-27588 Vulnerability in QVR
We have already fixed this vulnerability in the following versions of QVR: QVR 5.1.6 build 20220401 and later...