Qnap Security Advisory: Bulletin ID: QSA-21-03, QSA-21-33, QSA-21-34, QSA-21-36, QSA-21-37

Qnap Systems, Inc. had published security enhancement against security vulnerabilities that could affect specific versions of the company’s products. Use following information and solutions to correct the security issues and vulnerabilities.

Advisory includes following:

Insufficient HTTP Security Headers in QTS, QuTS hero, and QuTScloud (ID: QSA-21-03)
Stack Buffer Overflow Vulnerabilities in QTS, QuTS hero, and QuTScloud (ID: QSA-21-33)
Stack Buffer Overflow Vulnerability in QUSBCam2 (ID: QSA-21-34)
Stack-Based Buffer Overflow Vulnerabilities in NVR Storage Expansion (ID: QSA-21-36)
Insufficiently Protected Credentials in QSW-M2116P-2T2S and QuNetSwitch (ID: QSA-21-37)

Insufficient HTTP security headers in QTS, QuTS hero, and QuTScloud
Security ID: QSA-21-03
Release date: September 10, 2021
Severity: Medium
CVE identifier: CVE-2018-19957
Affected products: All QNAP NAS

Summary
A vulnerability involving insufficient HTTP security headers has been reported to affect firm’s NAS running QTS, QuTS hero, and QuTScloud. This vulnerability allows remote attackers to launch privacy and security attacks.

The company have already fixed this vulnerability in the following versions:

QTS 4.5.4.1715 build 20210630 and later
QuTS hero h4.5.4.1771 build 20210825 and later
QuTScloud c4.5.6.1755 build 20210809 and later

Information

Stack buffer overflow vulnerabilities in QTS, QuTS hero, and QuTScloud
Security ID: QSA-21-33
Release date: September 10, 2021
Severity: High
CVE identifier: CVE-2021-28816 | CVE-2021-34343
Affected products: All QNAP NAS

Summary
Two stack buffer overflow vulnerabilities have been reported to affect the firm’s devices running QTS, QuTS hero, and QuTScloud. If exploited, these vulnerabilities allow attackers to execute arbitrary code.

The company have already fixed these vulnerabilities in following versions:

QTS 5.0.0.1716 build 20210701 and later
QTS 4.5.4.1715 build 20210630 and later
QTS 4.3.6.1750 build 20210730 and later
QTS 4.3.3.1693 build 20210624 and later
QuTS hero h4.5.4.1771 build 20210825 and later
QuTScloud c4.5.6.1755 and later

Information

Stack buffer overflow vulnerability in QUSBCam2
Security ID: QSA-21-34
Release date: September 10, 2021
Severity: Critical
CVE identifier: CVE-2021-34344
Affected products: Certain QNAP NAS

Summary
A stack buffer overflow vulnerability has been reported to affect the firm’s NAS running QUSBCam2. If exploited, this vulnerability allows attackers to execute arbitrary code.

The company have already fixed this vulnerability in following versions of QUSBCam2:

QTS 4.5.4: QUSBCam2 1.1.4 (2021/07/30) and later
QTS 4.3.6: QUSBCam2 1.1.4 ( 2021/07/30 ) and later
QuTS hero h4.5.3: QUSBCam2 1.1.4 (2021/07/30) and later

Information

Stack-based buffer overflow vulnerabilities in NVR Storage Expansion
Security ID: QSA-21-36
Release date: September 10, 2021
Severity: Critical
CVE identifier: CVE-2021-34345 | CVE-2021-34346
Affected products: QNAP NAS running NVR Storage Expansion

Summary
Two stack-based buffer overflow vulnerabilities have been reported to affect the firm’s NAS running NVR Storage Expansion. If exploited, these vulnerabilities allow attackers to execute arbitrary code.

The company have already fixed vulnerabilities in following versions:

NVR Storage Expansion 1.0.6 (2021/08/03) and later

Information

Insufficiently protected credentials in QSW-M2116P-2T2S and QuNetSwitch
Security ID: QSA-21-37
Release date: September 10, 2021
Severity: High
CVE identifier: CVE-2021-28813
Affected products: QSW-M2116P-2T2S, QNAP switches running QuNetSwitch

Summary
A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2S and QNAP switches running QuNetSwitch. If exploited, this vulnerability allows remote attackers to read sensitive information by accessing the unrestricted storage mechanism.

The company have already fixed this vulnerability in following versions: