AntoineMasselot said:
Can you clarify what that means? What is the origin of the problem, in the end?
Regards
From what I've read, part of the vulnerability is apparently due to a ROOT login hard-coded in the app's code....
I'm trying to find where I read that
Found it:
...
How exactly is the ransomware getting onto people's network-attached storage systems? Well, look no further than these three critical vulnerabilities that QNAP patched this month, the first two highlighted today in its warning to customers:
CVE-2020-36195 aka QSA-21-11: An SQL injection flaw in the Multimedia Console and the Media Streaming add-on that can be exploited to ultimately gain control of the box. This was patched on April 16, just days before the latest ransomware outbreak kicked off.
CVE-2021-28799 aka QSA-21-13: Hard-coded login credentials were found and removed in HBS 3 Hybrid Backup Sync. If you know these creds, you can gain control of the device via this backdoor access. Though its advisory suggests the bug was fixed today, it was actually patched in version 16.0.0415 released on April 16.
CVE-2020-2509 aka QSA-21-05: A command-injection vulnerability in QTS and QuTS hero that can be exploited to seize control of a box. This was also patched on April 16.
source: https://www.theregister.com/2021/04/22/qnap_nas_ransomware_qlocker_ech0raix/