QNAP: Multiple Vulnerabilities in Samba (workarounds)

LASER_oneXM

Release date: February 10, 2022
...
...

Summary

Multiple vulnerabilities in Samba have been reported to affect QNAP NAS. If exploited, these vulnerabilities allow attackers to access sensitive information, run arbitrary commands, and impersonate existing services:
  • CVE-2021-44141: Information leak via symlinks of existence of files or directories outside of the exported share
  • CVE-2021-44142: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution
  • CVE-2022-0336: Samba AD users with permission to write to an account can impersonate arbitrary services
QNAP is thoroughly investigating the vulnerabilities. We will release security updates and provide further information as soon as possible.

Recommendation

Before security updates are available, to secure your QNAP NAS we recommend the following actions:
  • Disable SMB 1.
  • Deny guest access to all shared folders.

Disabling SMB 1
  1. Log on to QTS or QuTS hero.
  2. Go to Control Panel > Network & File > Win/Mac/NFS/WebDAV > Microsoft Networking.
  3. Click Advanced Options.
    The Advanced Options window opens.
  4. Next to Lowest SMB version, select SMB 2 or higher.
  5. Click Apply.
... ... ...
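A way to check that both workarounds took effect, as an added example that is not part of the original post or QNAP's advisory: the script audits a copy of the NAS's Samba configuration for an SMB 1 minimum dialect, guest-enabled shares, and shares that load the `fruit` VFS module named in CVE-2021-44142. It assumes the configuration is ordinary smb.conf text (line continuations and `include` are not followed); the finding labels and the sample input are constructed.

```python
import re

SMB1_OR_OLDER = {"core", "coreplus", "lanman1", "lanman2", "nt1"}
ALIASES = {"min protocol": "server min protocol", "public": "guest ok",
           "vfs object": "vfs objects"}  # Samba synonyms folded to one name

def parse_smb_conf(text):
    # Returns {section: {parameter: value}}; section and parameter names lowercased.
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":  # blank line or comment
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = sections.setdefault(header.group(1).strip().lower(), {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            key = " ".join(key.lower().split())
            current[ALIASES.get(key, key)] = value.strip()
    return sections

def audit(text):
    # Returns a sorted list of (section, finding) tuples; labels are this example's own.
    conf = parse_smb_conf(text)
    glob = conf.get("global", {})
    findings = set()
    min_proto = glob.get("server min protocol")
    if min_proto is None:
        # The built-in default depends on the Samba version, so report it for review.
        findings.add(("global", "min-protocol-unset"))
    elif min_proto.lower() in SMB1_OR_OLDER:
        findings.add(("global", "smb1-allowed"))
    for name, params in ((n, p) for n, p in conf.items() if n != "global"):
        effective = {**glob, **params}  # a share inherits [global] unless it overrides
        if effective.get("guest ok", "no").lower() in {"yes", "true", "on", "1"}:
            findings.add((name, "guest-access"))
        if "fruit" in effective.get("vfs objects", "").lower().split():
            findings.add((name, "vfs-fruit-loaded"))
    return sorted(findings)

# Constructed sample input, not taken from a real device.
SAMPLE = ("[global]\nmin protocol = NT1\nvfs objects = catia fruit streams_xattr\n"
          "[Public]\nguest ok = yes\n"
          "[Backups]\nvfs objects = acl_xattr\n")

if __name__ == "__main__":
    for section, finding in audit(SAMPLE):
        print(f"[{section}] {finding}")
```

An empty result after applying the steps above means neither workaround is contradicted by the file; `min-protocol-unset` means the effective minimum has to be confirmed in the Advanced Options window instead.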