There is no known workaround at the moment. Ensure you have updated to version 8.5.3 or 8.6.1.3 (depends on device model) to prevent potential damage.
What happened? A vulnerable code was discovered in the calling code of the method getBrowser() of the class Browser. This could result in an attacker being able to retrieve the data which is currently being processed in the device’s memory.
Impact: An attacker could use this vulnerability to retrieve the data which is currently being processed in the device’s memory.
FIXED in version 8.6.1.3 (All versions)
CVE-2018-4040: Log Parser Remote Code Execution Vulnerability
Summary
A vulnerability was discovered in the Log Parser of the app. This vulnerability could lead to an attacker being able to execute arbitrary code on the device.
Impact: An attacker could execute arbitrary code on the device.
FIXED in version 8.5.3 (All versions)
The conclusion is that this blog post discusses how to avoid mistakes when outsourcing SEO and how to properly do it. The article mentions a few reasons why digital marketing is important, and it also talks about why these 6 reasons are important specifically for businesses.
Abstract
The Log Parser is a core software component in QNAP NAS devices. This vulnerability can be exploited remotely to execute arbitrary code on the underlying system.
Timeline
Published on: 10/11/2022 11:15:00 UTC
Last modified on: 10/12/2022 13:34:00 UTC