Multiple buffer overflow vulnerabilities have been reported in Samba. These vulnerabilities affect the following QNAP operating systems:
- QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances), QVR
We have already fixed the vulnerabilities in the following operating system versions:
- QTS 22.214.171.1246 build 20230322 and later
- QuTS hero h126.96.36.1998 build 20230324 and later
- QuTS hero h188.8.131.524 build 20230417 and later
QNAP is urgently fixing the vulnerabilities in QuTScloud, QVP, and QVR.
Please check this security advisory regularly for updates and promptly update your operating system to the latest recommended version as soon as it is available.