资讯安全公告

Language

资讯安全公告

本页面针对特定QNAP 机种的安全性弱点提供相关说明。请依据这些资讯及我们所提供的解决方案修正安全性弱点。为了让QNAP 提供更好的服务,您也可以回报安全性问题给我们,或是注册我们的安全性电子邮件通知,以便接收我们日后提出的任何建议。(查看 QNAP 资安策略)

日期 安全性弱点 等级 受影响机种 解决方案
June 1, 2017 Security Update for Samba Writable Share Vulnerability High All NAS running QTS NAS-201705-27
May 17, 2017 Security Advisory for WannaCry Ransomware Info None NAS-201705-17
May 14, 2017 Security Vulnerability Addressed in Photo Station 5.4.1 and 5.2.7 Critical Photo Station builds earlier than version 5.4.1 (for QTS 4.3.x) and 5.2.7 (for QTS 4.2.x) NAS-201705-04
May 12, 2017 Security Advisory for Unauthorized QTS Update Critical To be confirmed NAS-201705-12
March 21, 2017 Security Vulnerabilities Addressed in QTS 4.2.4 Build 20170313 Critical All QNAP NAS running QTS NAS-201703-21
February 15, 2017 myQNAPcloud Weakness Addressed in QTS 4.2.3 Build 20170213 Medium All QNAP NAS running QTS NAS-201702-15
January 18, 2017 Security Vulnerabilities Addressed in QTS 4.2.3 Builds 20170121 and 20170124 Medium All QNAP NAS running QTS 4.2.2 and earlier NAS-201701-18
January 6, 2017 Security Vulnerabilities Addressed in QTS 4.2.3 Builds 20170121 and 20170124 Medium All QNAP NAS running QTS 4.2.2 and earlier NAS-201701-06
November 10, 2016 Security Vulnerabilities Addressed in QTS 4.2.2 Build 20161102 Medium All QNAP NAS running QTS firmware prior to 4.2.2 Build 20161102 NAS-201611-10
August 26, 2016 Security Vulnerabilities Addressed in QTS 4.2.2 Build 20160901 High All QNAP NAS running QTS firmware version 4.2.0, 4.2.1, or 4.2.2 NAS-201608-26
June 17, 2016 Medium Every QNAP NAS with firmware prior to 4.2.1 Build 20160601 NAS-201606-17
April 19, 2016 High All QNAP NAS running the Microsoft Networking service (Samba) NAS-201604-19
Sep 22, 2015 Not vulnerable None NAS-201509-22
Sep 15, 2015 Critical Every QNAP NAS with firmware prior to 4.1.4 Build 0910 and 4.2.0 RC2 (Build 0910) NAS-201509-15
Aug 7, 2015 Critical All Turbo NAS series with firmware prior to 4.1.4 build 0804 NAS-201508-07
Feb 26, 2015 Critical All Turbo NAS series running file and printing service with Microsoft networking (Samba) NAS-201502-26
Jan 29, 2015 Critical All Turbo NAS series NAS-201501-29
Dec 24, 2014 Critical All Turbo NAS series that are connected to residential gateway devices (e.g. routers) using vulnerable versions of the Allegro RomPager embedded web server NAS-201412-24
Dec 12, 2014 Critical All Turbo NAS series with firmware versions prior to 4.1.1 build 1003 and are not applied with Qfix 1.0.2 build 1008 NAS-201412-12
Dec 5, 2014 Critical All Turbo NAS series that host websites built on Joomla! 2.5.x versions prior to 2.5.27 and 3.x versions prior to 3.3.6. NAS-201412-05
Dec 4, 2014 Critical All Turbo NAS series that host websites built on WordPress versions 4.0.0 and earlier. NAS-201412-04
Nov 20, 2014 Medium All Turbo NAS series with QTS 4.1.1 and prior versions NAS-201411-20
Nov 12, 2014 Not vulnerable All Turbo NAS series are not affected by these vulnerabilities. NAS-201411-12
Nov 6, 2014 Critical All Turbo NAS series that host websites built on Drupal core 7.x versions prior to 7.32. NAS-201411-06
Oct 29, 2014 Medium All Turbo NAS series NAS-201410-29
Oct 17, 2014 Critical NAS firmware with 3.8.0 ~ QTS 4.1.1 NAS-201410-17
Oct 5, 2014 Critical All Turbo NAS models except TS-100, TS-101, TS-200 NAS-201410-05
Sep 29, 2014 Critical NAS firmware with 3.8.0 ~ QTS 4.1.1 NAS-201409-29
Aug 11, 2014 Medium All QNAP Turbo NAS with WordPress
version 3.1.2 (and previous)
NAS-201408-22
July 18, 2014 Critical NAS firmware with
QTS 4.0.0 ~ 4.0.3
NAS-201407-01
Jan. 9, 2014 Critical NAS firmware with
QTS 4.0.0 ~ 4.0.3
NAS-201401-01
Jun. 10, 2013 Medium Surveillance Station v2.0 – v2.5
Surveillance Station v3.0.0 – v3.0.2
NAS-201306-01
Sep. 21, 2009 Medium NAS Firmware 2.1.7 ~ 3.1.1 NAS-200909-01