An attacker could gain control of Qnap video surveillance systems

Share your love

If Qnap video surveillance systems are used in companies, admins should update the firmware. If this does not happen, attackers could execute their own commands on systems after successful attacks.

According to Qnap, only VS Series NVR network video recorders are affected. In a warning message the manufacturer classifies a security vulnerability (CVE-2021-38685) as “critical” a. The weak point can be found in the QVR software. Attacks should be possible from a distance and enable attackers to execute their own commands. Further details are currently not known. The second weak point (CVE-2021-38686 “high”) affects a bug in the authentication of QVR.

The developers state both of these security problems QVR 5.1.6 build 202111109 having solved. This version can now be installed via the system settings of the video surveillance systems concerned.


(from)

Article Source

Read Also   PicoMite: New basic interpreter for the Raspberry Pico
Share your love