威连通科技股份有限公司(QNAP Systems, Inc.) - 网络存储装置(NAS) - 首页

Language

Newsroom

2017-06-02

QNAP Releases Qfixes for Samba Writable Share Vulnerability

Taipei, Taiwan, June 2, 2017 – The administrators of the open-source software Samba have disclosed a vulnerability in their software, which can be used to execute malicious code on affected devices. QNAP® Systems, Inc is committed to protecting the privacy and data security of our users and has released Qfixes for QNAP NAS to patch this vulnerability. QNAP urges users to install these Qfixes on their QNAP NAS to protect against unauthorized access.

Samba is a network protocol for file and printer sharing. The CVE-2017-7494 remote code execution vulnerability allows clients with write permission to upload a shared library to a shared folder, and then cause the server to load and execute it. By utilizing this exploit, malicious users can run any code on remote servers and obtain administrator privileges. QNAP has provided separate Qfixes for QTS version 4.3.x and 4.2.x. QNAP recommends that users update QTS to the latest version available for their NAS, and then install the Qfix.

To learn more about how QNAP safeguards cyber security, please visit QNAP Security Bulletins and Advisories

 

关于QNAP

威联通科技股份有限公司 (QNAP Systems, Inc.) 立足台湾台北,提供全面且先进的 NAS 网络存储与影像监控解决方案,让使用者享有操作简单、高安全性、并可弹性扩充的数字应用管理中心。优异的 NAS 产品不仅增进档案存储、备份/快照、虚拟化应用、与协同合作的效率,同时提供多媒体影音体验,丰富数字娱乐生活。威联通更跨足物联网领域,并整合人工智能 (A.I.) 与机器学习 (Machine Learning) 技术,期盼将 QNAP NAS 进化为智能管理中枢,为人类生活创造更多可能性。

媒体联系

marketing@qnap.com