QNAP has issued a patch of a security vulnerability that could affect certain configurations of its NAS Drives. The flaw resides in PHP that deals with FPM. It can allow remote code execution.
Security risk RSS
Open-Source code is quite popular as it reduces the software development cycle. However, rampant use of the same is increasing security concerns. Companies must have some policy to deal with risks.
A billion "Smart" IoT devices were attacked or recorded suspicious network traffic in 2021. Poor awareness, improper defenses, rare updates, and incorrect configuration are some reasons.
Nearly all Android smartphones and devices packing MediaTek or Qualcomm with a Security Patch dated prior to December 2021 remain vulnerable to an RCE security bug that can allow eavesdropping.
