Short Name |
FTP:AUDIT:QNAP-QTS-HDAC |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
FTP |
Keywords |
QNAP QTS Hard Coded Credential Access |
Release Date |
2018/06/05 |
Update Number |
3070 |
Supported Platforms |
idp-4.0+, isg-3.4+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against QNAP QTS. A successful exploit can lead to remote code execution.
The FTP service in QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, has hardcoded credentials, which makes it easier for remote attackers to obtain access via a session on TCP port 21.