
If you have a network attached storage device from Synology or QNAP, listen up, this story is for you.

Synology and QNAP are warning users that critical Netatalk vulnerabilities can be exploited by remote attackers to access sensitive information and execute arbitrary code. This affects some versions of the Synology DiskStation Manager (DSM), as well as the Synology Router Manager (SRM).

For QNAP, this affects several versions of their QTS systems.

Netatalk is an open source implementation of the Apple Filing Protocol (AFP) that allows *NIX or BSD systems to act as AppleShare file servers for macOS clients. The issue was fixed in Netatalk version 3.1.1.

Synology is in the process of releasing patches for DSM, but if you’re on DSM 7.1 or later, patches are already released. QNAP is working on mitigation, but for the time being recommends disabling AFP on affected machines. The flaw is tracked as CVE-2022-23121, with a high severity score, but it isn’t the only flaw that Synology and QNAP have responded to. Three others, CVE-2022-23125, CVE-2022-23122, and CVE-2022-0194, also allow for arbitrary code execution.

https://www.bleepingcomputer.com/news/security/qnap-warns-users-to-disable-afp-until-it-fixes-critical-bugs/

https://www.bleepingcomputer.com/news/security/synology-warns-of-critical-netatalk-bugs-in-multiple-products/

https://thehackernews.com/2022/04/qnap-advises-to-mitigate-remote-hacking.html
