Release date: May 6, 2022
Security ID: QSA-22-07
CVE identifier: CVE-2022-27588
Affected products: Qnap VS Series NVR
A vulnerability has been reported to affect the company’s VS Series NVR running QVR. If exploited, this vulnerability allows remote attackers to run arbitrary commands.
The firm have already fixed vulnerability in following versions of QVR:
- QVR 5.1.6 build 20220401 and later
To secure your device, we strongly recommend updating your system to the latest version to benefit from vulnerability fixes.
Log on to QVR as administrator.
Go to Control Panel > System Settings > Firmware Update.
Select the Firmware Update tab.
Click Browse… to upload the latest firmware file.
Tip: Download the latest firmware file for your specific device from the company’s website.
Click Update System.
QVR installs the update.
Revision History: V1.0 (May 6, 2022) – Published