Share
## https://sploitus.com/exploit?id=SAINT:C0025048E9F1DAE5A84A7A6801978F75
Added: 03/08/2024  


### Background

QNAP is an operating system for Network Attached Storage (NAS) devices. 

**QTS** (QNAP Turbo NAS System) is the Turbo NAS Operating System for entry and mid-level QNAP NAS. 

### Problem

A vulnerability in the `quick.cgi` component in uninitialized QNAP NAS devices allows remote attackers to execute arbitrary commands 

### Resolution

Update to QTS 4.2.6 build 20240131, 4.3.3.2644 build 20240131, 4.3.4.2675 build 20240131, 4.3.6.2665 build 20240131, 4.5.4.2012 build 20220419, 5.0.0.1986 build 20220324, 5.0.1.2145 build 20220903, 5.1.0.2444 build 20230629, or later. 

### References

https://www.qnap.com/en/security-advisory/qsa-23-57   


### Platforms

QNAP QTS