{"id":15165,"date":"2023-02-03T11:47:34","date_gmt":"2023-02-03T03:47:34","guid":{"rendered":"https:\/\/docs.pingcode.com\/?p=15165"},"modified":"2023-02-03T11:47:34","modified_gmt":"2023-02-03T03:47:34","slug":"qnap-%e8%bd%af%e4%bb%b6%e5%ad%98%e5%9c%a8%e4%b8%a5%e9%87%8d%e6%bc%8f%e6%b4%9e%ef%bc%8c%e5%bd%b1%e5%93%8d%e8%bf%91-30000-%e5%8f%b0%e8%ae%be%e5%a4%87","status":"publish","type":"post","link":"https:\/\/docs.pingcode.com\/info\/15165.html","title":{"rendered":"QNAP \u8f6f\u4ef6\u5b58\u5728\u4e25\u91cd\u6f0f\u6d1e\uff0c\u5f71\u54cd\u8fd1 30000 \u53f0\u8bbe\u5907"},"content":{"rendered":"

Security Affairs \u7f51\u7ad9\u62ab\u9732\uff0cNAS \u5382\u5546 QNAP\uff08\u5a01\u8054\u901a\uff09\u5728\u5b89\u5168\u516c\u544a\u8868\u793a\uff0c QTS 5.0.1 \u548c QuTS hero h5.0.1 \u4e24\u6b3e\u8f6f\u4ef6\u4e2d\u5b58\u5728\u4e25\u91cd\u6f0f\u6d1e \uff08\u8ffd\u8e2a\u4e3a CVE-2022-27596\uff0cCVSS v3 \u8bc4\u5206\uff1a9.8\uff09\u3002\"1675394118_63dc7c46e11ccc3c800b9.png!small?1675394119999\"<\/p>\n

\u636e\u6089\uff0c\u5373\u4f7f\u8fdc\u7a0b\u653b\u51fb\u8005\u6ca1\u6709\u83b7\u5f97\u7528\u6237\u4ea4\u4e92\u6743\u9650\u6216\u6613\u53d7\u653b\u51fb\u8bbe\u5907\u4e0a\u5176\u5b83\u6743\u9650\uff0c\u4e5f\u53ef\u4ee5\u8f7b\u677e\u5229\u7528 CVE-2022-27596 \u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684 QNAP \u8bbe\u5907\u4e0a\u6ce8\u5165\u6076\u610f\u4ee3\u7801\u3002<\/p>\n

\u6f0f\u6d1e\u5f71\u54cd QTS 5.0.1 \u548c QuTS hero h5.0.1 \u7248\u672c\u3002<\/b><\/strong><\/h2>\n

\u6f0f\u6d1e\u62ab\u9732\u4e0d\u4e45\u540e\uff0cQNAP \u5c31\u53d1\u5e03\u4e86 QTS \u548c QuTS \u56fa\u4ef6\u5b89\u5168\u66f4\u65b0\u3002\u76ee\u524d\uff0c\u4ee5\u4e0b\u64cd\u4f5c\u7cfb\u7edf\u7248\u672c\u5df2\u4fee\u590d\u4e86 CVE-2022-27596 \u6f0f\u6d1e\u3002<\/p>\n

QTS 5.0.1.2234 build 20221201 \u53ca\u66f4\u9ad8\u7248\u672c<\/p>\n

QuTS hero h5.0.1.2248 build 20221215 \u53ca\u66f4\u9ad8\u7248\u672c<\/p>\n

\u7f51\u7edc\u5b89\u5168\u516c\u53f8 Censys \u5bf9\u4e92\u8054\u7f51\u4e0a\u66b4\u9732\u7684 QNAP \u8bbe\u5907\u8fdb\u884c\u4e86\u5168\u9762\u626b\u63cf\uff0c\u53d1\u73b0 30000 \u53f0\u8bbe\u5907\u8fd0\u884c QTS 5.0.1 \u548c QuTS hero h5.0.1\u6613\u53d7\u653b\u51fb\u7684\u7248\u672c\uff0c\u53ef\u80fd\u4f1a\u53d7\u5230 CVE-2022-27596 \u6f0f\u6d1e\u7684\u5f71\u54cd\u3002<\/p>\n

\u6b64\u5916\uff0cCensys \u5bf9 67415 \u53f0\u636e\u79f0\u8fd0\u884c\u57fa\u4e8e QNAP \u7cfb\u7edf\u7684\u4e3b\u673a\u8fdb\u884c\u4e86\u68c0\u67e5\uff0c\u4f46\u53ea\u4ece 30520 \u53f0\u4e3b\u673a\u4e2d\u83b7\u5f97\u4e86\u7248\u672c\u53f7\u3002\u5728\u8fd9 30520 \u53f0\u5177\u6709\u7248\u672c\u7684\u4e3b\u673a\u4e2d\uff0c\u53ea\u6709 557 \u53f0\u66f4\u65b0\u4e86\u5b89\u5168\u8865\u4e01\uff0c\u8fd9\u610f\u5473\u7740 29968 \u53f0\u4e3b\u673a\u53ef\u80fd\u53d7\u5230 CVE-2022-27596 \u6f0f\u6d1e\u7684\u5f71\u54cd\u3002\u503c\u5f97\u4e00\u63d0\u7684\u662f\uff0c\u5176\u4e2d\u6613\u611f\u67d3\u7684\u7cfb\u7edf\u4e3b\u8981\u4f4d\u4e8e\u610f\u5927\u5229\uff083200\uff09\u3001\u7f8e\u56fd\uff083149\uff09\u548c\u53f0\u6e7e\uff081942\uff09\u3002\"1675394115_63dc7c4364bcbb7889ea0.png!small?1675394115793\"<\/p>\n

\u6613\u53d7\u653b\u51fb\u7684\u7248\u672c\uff1a\"1675394112_63dc7c40687d0923a1f06.png!small?1675394112923\"<\/p>\n

\u6700\u540e\uff0cCensys \u5f3a\u8c03\u4e00\u65e6 CVE-2022-27596 \u6f0f\u6d1e\u88ab\u7f51\u7edc\u72af\u7f6a\u5206\u5b50\u53d1\u5e03\u5e76\u6b66\u5668\u5316\uff0c\u53ef\u80fd\u4f1a\u7ed9\u6210\u5343\u4e0a\u4e07\u7684 QNAP \u7528\u6237\u5e26\u6765\u9ebb\u70e6\u3002\u56e0\u6b64\u5f3a\u70c8\u5efa\u8bae\u7528\u6237\u7acb\u523b\u5347\u7ea7\u5176 QNAP \u8bbe\u5907\uff0c\u4ee5\u514d\u906d\u53d7\u7f51\u7edc\u653b\u51fb\u3002<\/p>\n

\u6587\u7ae0\u6765\u6e90\uff1a<\/strong><\/p>\n

Over 30k Internet-Exposed QNAP NAS hosts impacted by CVE-2022-27596 flaw<\/a><\/p><\/blockquote>\n