QNAP Is Latest to Get Dinged by OpenSSL Bugs Fallout

On Monday, QNAP put out two security advisories about OpenSSL remote-code execution and denial-of-service (DoS) bugs, fixed last week, that affect its network-attached storage (NAS) devices. The vulnerabilities are tracked as CVE-2021-3711 – a high-severity buffer overflow related to SM2 decryption– and CVE-2021-3712, a medium-severity flaw that can be exploited for DoS attacks and possibly for the disclosure of private memory contents.

Read full article on Threat Post

 


Date:

Categorie(s):