Beware: Hackers twist QNAP vulnerabilities for Mirai Malware mischief

December 18, 2023
1 min read
  • Hackers are actively exploiting a vulnerability in QNAP VioStor NVR (network video recorder) devices to deploy the Mirai malware, according to security researchers at Akamai.
  • The vulnerability, tracked as CVE-2023-47565 and rated as “High” severity with a CVSS v3 score of 8.0, allows unauthorized access to video recordings, playback and remote data.
  • Threat actors are primarily targeting older devices with versions 5.0.0 and earlier, using the device’s default credentials in the current configuration.
  • QNAP recommends updating VioStor firmware on unsupported devices and changing default passwords to mitigate the risk.
  • Security experts stress the importance of robust IoT practices, maintaining up to date software and implementing strong, unique passwords for all user accounts.

Cybersecurity researchers have recently identified that hackers are exploiting QNAP devices, specifically QNAP VioStor NVRs, as they frequently have known vulnerabilities or misconfigurations. Besides being an easy target, these devices often store valuable data, making them appealing for threat actors looking to compromise sensitive information or deploy malware and ransomware.

This particular vulnerability allows an authenticated attacker to exploit the OS command injection via a POST request to the devices’ management interface. It tends to rely on weak default credentials, making older or unsupported devices vulnerable to potential botnet infections.

As part of their investigation, researchers collaboratively worked with US-CERT and QNAP, confirming that the exploit primarily targets retired VioStor versions – specifically, those are 5.0.0 or earlier. The exploitation is done through a POST request to /cgi-bin/server/server.cgi, taking advantage of a remote code execution vulnerability.

These findings underline a pressing issue with legacy systems, which often serve as breeding grounds for new vulnerabilities. It highlights the need for better IoT practices, including the implementation of more robust security measures and longer software support. This is crucial not just for manufacturers but also for consumers who need to cultivate an awareness for system safety.

To mitigate existing vulnerabilities, security analysts recommend implementing strong passwords for all user accounts, keeping the QVR updated to the latest version, and implementing robust security policies and solutions.

Latest from Blog

Trust is the secret sauce for cybersecurity success

TLDR: Key Points: Trust between CISOs and top executives is crucial for justifying cybersecurity investments. Five key questions CISOs must ask themselves about their cybersecurity strategy include budget justification, risk reporting, celebrating

Expert opinion on cyber security is a must have

TLDR: Key points from the article: Study shows link between lack of sleep and increased risk of Alzheimer’s disease. Researchers found that poor sleep quality was associated with higher levels of brain