Jump to content
About me. Writings. Community. Resources.
Search In
  • More options...
Find results that contain...
Find results in...

Search the Community

Showing results for tags 'takeover attack'.


More search options

  • Search By Tags

    Type tags separated by commas.

  • Search By Author

Content Type


Forums

  • General
    • Support
    • Open Forum
  • Professional
    • Management
    • Requirements
    • Design
    • Development
    • Test / QA
    • Operations
  • Interesting
    • Atlassian
    • Security
    • E-commerce
    • Invision Community
  • Jobs
    • Looking for employee / consultant
    • Looking for Job / Assignment
  • Building The Site's Forums
  • Destiny 2's Discussions
  • The Journey's Discussions
  • Cinephilia's Topics
  • Cinephilia's Movie Database
  • Diablo 4's Diablo 4 Topics
  • Shadownessence's Topics
  • sensory hyperreactivity's Topics
  • Wolcen's Wolcen Topics
  • Quality Assurance Heroes's QA Topics
  • Visual Studio Code's Forum
  • Adobe Illustrator's Adobe Illustrator Forum
  • Sketch Guru's's Topics
  • Requirements & test management in Jira's Topics

Calendars

  • Community Calendar
  • Professional Events
  • Management Events
  • Requirement Events
  • Design Events
  • Development Events
  • Test Events
  • Atlassian Events
  • Operations Events
  • E-commerce Events
  • Destiny 2's Events
  • The Journey's Events
  • Cinephilia's premieres
  • Diablo 4's Diablo 4 Events

Categories

  • Jimi's Files
    • Curriculum vitae
    • Presentations
    • Certificates
  • Management
  • Requirements
  • Design
    • Fonts
  • Code
  • Test
  • Operations
  • Atlassian
    • Certificates of Excellence
  • Security
  • Ecommerce
  • Shadownessence's Files

Categories

  • Management
  • Design
  • Requirements
  • Development
  • Test & QA
  • Atlassian

Categories

  • Personal
  • Professional
    • Management
    • Requirements
    • Design
    • Development
    • Testing
    • Operations
  • Interesting
    • Atlassian
    • Security
    • E-Commerce

Categories

  • System Science Program
  • Graphic Design Program
  • Single Courses
  • Certifications

Categories

  • Management
  • Design
  • Requirements
  • Atlassian

Categories

  • Management
  • Design
  • Requirements
  • Development
  • Test
  • Operations
  • Atlassian
  • Security
  • E-commerce
  • Sales

Categories

  • Author database

Categories

  • Personligt
    • Jimis profiler
    • Åsikter
    • Humor
    • Spel
    • Träning
  • Allmänt
    • Internet
    • Program & tjänster
  • Intressant
    • Prylar
  • Professionellt
    • Management
    • Krav
    • Design
    • Webbutveckling
    • Test
    • Atlassian
    • säkerhet
    • Förvaltning
    • Ehandel
    • Wordpress
  • Personligt_

Product Groups

  • Test

Blogs

There are no results to display.

There are no results to display.

Categories

  • Personal
    • Humor
    • Music
  • Professional
    • Management
    • Requirements
    • Design
    • Development
    • Testing
    • Operations
  • Interesting
    • Atlassian
    • Security
    • E-commerce
  • Destiny 2's Videos
  • Destiny 2's Streamers
  • The Journey's Videos
  • Cinephilia's Trailers
  • Cinephilia's Full Movies
  • Diablo 4's Diablo 4 Videos
  • Wolcen's Wolcen Videos
  • Visual Studio Code's Videos
  • Adobe Illustrator's Adobe Illustrator Videos
  • Requirements & test management in Jira's Videos

Categories

  • Just for fun
  • TV & Movies
    • Lord of the Rings
    • Star Wars
    • Marvel
  • Atlassian

Categories

  • Games
    • White Wolf
    • Drakar & Demoner
    • Mutant
  • Books
    • Management Books
    • Design Books
    • Development Books
  • Comics

Find results in...

Find results that contain...


Date Created

  • Start

    End

Last Updated

  • Start

    End

Filter by number of...

Joined

  • Start

    End

Group

About Me

Found 1 result

  1. Jimi Wikman
    According to Henry Huang, a Taiwanese security researcher, there are still hundreds of thousands of QNAP NAS systems that have yet to be patched for no less than three bugs. This allow an attacker to exploit the three bugs to take full control over QNAP devices. These bugs was found last year and Henry Huang reported it to QNAP last June. QNAP issues a patch in November last year to fix these bugs and still, 6 months later there are hundreds of thousands of unpatched units online. These bugs are: CVE-2019-7192 (CVSS 9.8) (Photo Station bug) CVE-2019-7194 (CVSS 9.8) (Photo Station bug) CVE-2019-7195 (CVSS 9.8) (Photo Station) The bugs that are connected to the Photo Station app are in themselves not a big issue. It is when chained together they can bypass authentication (bug #1), insert malicious code in the Photo Station app PHP session (bug #2), and then install a web shell on unpatched QNAP devices (bug #3). Henry Huang have written detailed information regarding the bugs in an article on Medium. He also strongly advice users to patch their QNAP NAS as soon as possible. If that is not possible then he suggest that you take it off the Internet as it can be used for malicious purposes or you could attract a ransomware gang. This is of course the official recommendation from QNAP as well.
×
×
  • Create New...