Vulnerability discovered in QNAP systems allows attackers to execute remote code

A critical vulnerability (CVE-2024-53691) has been identified in the QTS and QuTS hero operating systems used by QNAP. This vulnerability allows attackers with user-level privileges to bypass the allowed boundaries of the file system.

This vulnerability has a CVSS v4 score of 8.7, indicating its severity. It allows an attacker to upload symbolic links (symlinks) via a carefully crafted ZIP file. These uploaded symlinks exploit the system’s encryption/decryption functionality, granting the attacker arbitrary file write capabilities.

This ability to write arbitrary files can be further exploited to achieve remote code execution (RCE). Such vulnerabilities enable attackers to take full control of the system, including executing malicious code with root user privileges. As a result, sensitive data can be compromised, system operations halted, or significant damage inflicted on the integrity of the environment.

The exploitation of CVE-2024-53691 involves the following steps:

1. Crafting a ZIP File: The attacker creates a malicious ZIP container containing symlinks pointing to sensitive files or directories within the QNAP system.
2. Uploading the ZIP File: Using a vulnerable application endpoint, the attacker uploads the malicious ZIP file to the QNAP device.
3. Triggering the Encryption/Decryption Functionality: The system processes the ZIP file, following the symlinks and performing unauthorized file operations.
4. Executing Malicious Code: The attacker uses the gained file write capability to deploy a payload, which executes with root-level privileges.

QNAP has released critical updates addressing this vulnerability. The following versions mitigate this risk:

QTS:

• 5.1.8.2823 (July 12, 2024) and later versions
• 5.2.0.2802 (June 20, 2024) and later versions

QuTS hero:

• h5.1.8.2823 (July 12, 2024) and later versions
• h5.2.0.2802 (June 20, 2024) and later versions

It is strongly recommended to upgrade your devices to these versions as soon as possible. Updates can be downloaded from the official QNAP website or installed via the system’s automatic update feature.

Recommendations for Users

As cybersecurity threats continue to evolve, it is crucial to protect systems and data by adopting the following measures:

1. Timely Updates: Regularly update your system to the latest versions.
2. Monitor Security Advisories: Stay informed by following security advisories from QNAP and relevant cybersecurity organizations.
3. Use Strong Passwords: Employ complex and unique passwords for system access.
4. Restrict User Privileges: Follow the principle of least privilege by granting users only the minimum permissions necessary.

Vulnerabilities like CVE-2024-53691 present serious risks to system security. Addressing these issues promptly by installing updates and implementing preventative measures is essential for all users. Ensuring attention to cybersecurity helps maintain the integrity and continuity of systems and safeguards sensitive data effectively.