Synology recommends contacting their technical support for immediate assistance. Gaining the ability to execute remote code as a root user means that an attacker would be able to read, modify or delete any files on the system, enumerate users, install malware (such as. It seems that your directory permissions are incorrect. END Synology released an advisory for a critical Netatalk. ![]() QNAP recommends disabling the use of AFP as a mitigation until patches are available. For users who don't need AFP and have not upgraded to DSM 7.1, we recommend. Both companies are currently working on patches for the other affected software versions. build 20220419 and later, and Synology DSM version 7.1-42661-1 and later are protected. ![]() While Netatalk 3.1.13 was released to address these vulnerabilities, users will need to update their QNAP devices in order to remediate the vulnerable Netatalk versions.įollowing QNAP’s publication, on the 28th of April, Synology published a similar security advisory regarding the same Netatalk vulnerabilities affecting multiple versions of Synology’s DiskStation Manager and Router Manager.Īt the time of this writing only QNAP QTS version 4. Netatalk needs to map IDs to files and folders in the host filesystem. On the 25th of April 2022, QNAP published a security advisory regarding multiple vulnerabilities affecting Netatalk, which is an open-source implementation of the Apple Filing Protocol (AFP) used by QNAP devices so that they can act as a file server for macOS clients.
0 Comments
Leave a Reply. |