Intel NUC 13 Pro (Arena Canyon) review
Endorfy Arx 700 Air chassis review
Beelink SER5 Pro (Ryzen 7 5800H) mini PC review
Crucial T700 PCIe 5.0 NVMe SSD Review - 12GB/s
Sapphire Radeon RX 7600 PULSE review
Gainward GeForce RTX 4060 Ti GHOST review
Radeon RX 7600 review
ASUS GeForce RTX 4060 Ti TUF Gaming review
MSI GeForce RTX 4060 Ti Gaming X TRIO review
GeForce RTX 4060 Ti 8GB (FE) review
Netatalk flaws have been discovered by Synology and QNAP, warning issued.
Users of Synology and QNAP NAS equipment are being warned about major Netatalk vulnerabilities in their operating systems. Both firms are developing patches to address the issues.
According to Synology's website, there are various vulnerabilities in Netatalk that allow hackers to remotely "obtain sensitive information and perhaps execute arbitrary code." As a result, the vulnerabilities exist in various versions of Synology's DiskStation Manager operating system, VS Firmware 2.3, and Synology Router Manager 1.2.
Synology
Multiple vulnerabilities allow remote attackers to obtain sensitive information and possibly execute arbitrary code via a susceptible version of Synology DiskStation Manager (DSM) and Synology Router Manager (SRM).
Affected Products
| Product | Severity | Fixed Release Availability |
|---|---|---|
| DSM 7.1 | Critical | Upgrade to 7.1-42661-1 or above. |
| DSM 7.0 | Critical | Ongoing |
| DSM 6.2 | Critical | Ongoing |
| VS Firmware 2.3 | Critical | Ongoing |
| SRM 1.2 | Critical | Ongoing |
QNAP
Upon the latest release of Netatalk 3.1.13, the Netatalk development team disclosed multiple fixed vulnerabilities affecting earlier versions of the software: CVE-2021-31439, CVE-2021-31439, CVE-2022-23121, CVE-2022-23123, CVE-2022-23122, CVE-2022-23125, CVE-2022-23124, and CVE-2022-0194.
These vulnerabilities currently affect the following QNAP operating system versions:
- QTS 5.0.x and later
- QTS 4.5.4 and later
- QTS 4.3.6 and later
- QTS 4.3.4 and later
- QTS 4.3.3 and later
- QTS 4.2.6 and later
- QuTS hero h5.0.x and later
- QuTS hero h4.5.4 and later
- QuTScloud c5.0.x
We have already fixed the vulnerabilities in the following versions of QTS:
- QTS 4.5.4.2012 build 20220419 and later
QNAP is thoroughly investigating the case. We will release security updates for all affected QNAP operating system versions and provide further information as soon as possible.
Click here to post a comment for this news story on the message forum.