QNAP Warns of Critical Vulnerability in Surveillance Station

 


NAS manufacturer QNAP warns of a critical vulnerability in the Surveillance Station application that could allow attackers to take over vulnerable systems remotely. A security update has been made available to resolve the issue. It is rare for QNAP to report critical vulnerabilities in its own software. Including this vulnerability, there were a total of five critical vulnerabilities in the last three years.


Surveillance Station is a network video recorder app that can be installed on Turbo NAS systems. In combination with an IP camera, the app makes it possible to store and view images on the NAS system. A stack-based buffer overflow in the software allows an attacker to execute arbitrary code. Further details are not given.


QNAP has released security updates to address the issue. In case of 32-bit version of the app, it is recommended to update to Surveillance Station 5.1.5.3.3. Surveillance Station 5.1.5.4.3 has been released for users of the 64-bit version.

Previous Post Next Post