Rewterz Threat Alert – Remcos RAT – Active IOCs
July 1, 2021Rewterz Threat Alert – FormBook Malware – Active IOCs
July 1, 2021Rewterz Threat Alert – Remcos RAT – Active IOCs
July 1, 2021Rewterz Threat Alert – FormBook Malware – Active IOCs
July 1, 2021Severity
High
Analysis Summary
CVE-2021-28803
A stored XSS vulnerability has been reported to affect QNAP NAS running Q’center. If exploited, this vulnerability allows attackers to inject malicious code.
CVE-2020-36194
An XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to inject malicious code.
Impact
- Cross-site scripting
Affected Vendors
QNAP
Affected Products
- Q’center 1.11.1004 and later
- QTS 4.5.2.1566 Build 20210202 and later
- QuTS hero h4.5.2.1638 build 20210414 and late\
Remediation
- For QTS and QuTS hero follow the below-mentioned link https://www.qnap.com/en/security-advisory/qsa-21-31
- For Q’center follow the below-mentioned link https://www.qnap.com/en/security-advisory/qsa-21-32