QNAP Advises Users to Update NAS Firmware to Patch Apache HTTP Vulnerabilities

22 April 2022

Network-attached storage (NAS) appliance maker QNAP on Thursday said it’s investigating its lineup for potential impact arising from two security vulnerabilities that were addressed in the Apache HTTP server last month. The critical flaws, tracked as CVE-2022-22721 and CVE-2022-23943, are rated 9.8 for severity on the CVSS scoring system and impact Apache HTTP Server versions 2.4.52 and earlier – CVE-2022-22721 – Possible buffer overflow with very large or unlimited LimitXMLRequestBody CVE-2022-23943 – Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server Both the vulnerabilities, alongside CVE-2022-22719 and CVE-2022-22720, were remediated by the project maintainers as part of version 2.4.53, which was shipped on March 14, 2022.

Read full article on The Hacker News

Date:

22 April 2022

Categorie(s):

NEWS

Tag(s):

Computer Hardware, Firmware, NAS, Patch, Security Pro

Cops cuff man for allegedly framing colleague with AI-generated hate speech clip25 April 2024
Ring dinged for $5.6M after, among other claims, rogue insider spied on ‘pretty girls’25 April 2024
After a 19-month saga, Broadcom finally patches Brocade SANnav bugs25 April 2024
Navigating the cyber seas: Clarity, compliance, and unified endpoint management 25 April 2024
Dropzone AI nabs $16.85M for its automated breach investigation platform25 April 2024