{"id":2310408,"date":"2024-12-09T23:02:22","date_gmt":"2024-12-09T23:02:22","guid":{"rendered":"https:\/\/www.wacoca.com\/news\/2310408\/"},"modified":"2024-12-09T23:02:22","modified_gmt":"2024-12-09T23:02:22","slug":"%e3%80%90%e3%82%bb%e3%82%ad%e3%83%a5%e3%83%aa%e3%83%86%e3%82%a3-%e3%83%8b%e3%83%a5%e3%83%bc%e3%82%b9%e3%80%91qnap%e8%a3%bdnas%e3%81%aeos%e3%81%ab%e8%a4%87%e6%95%b0%e8%84%86%e5%bc%b1%e6%80%a7","status":"publish","type":"post","link":"https:\/\/www.wacoca.com\/news\/2310408\/","title":{"rendered":"\u3010\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 \u30cb\u30e5\u30fc\u30b9\u3011QNAP\u88fdNAS\u306eOS\u306b\u8907\u6570\u8106\u5f31\u6027 – \u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3067\u4fee\u6b63\uff081\u30da\u30fc\u30b8\u76ee \/ \u51681\u30da\u30fc\u30b8\uff09\uff1aSecurity NEXT"},"content":{"rendered":"

QNAP Systems\u306f\u3001\u73fe\u5730\u6642\u959312\u67087\u65e5\u306b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c9\u30d0\u30a4\u30b6\u30ea\u3092\u516c\u958b\u3057\u3001\u540c\u793eNAS\u88fd\u54c1\u306eOS\u3068\u3057\u3066\u63d0\u4f9b\u3057\u3066\u3044\u308b\u300cQTS\u300d\u304a\u3088\u3073\u300cQuTS hero\u300d\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u3092\u660e\u3089\u304b\u306b\u3057\u305f\u3002<\/p>\n

\u5177\u4f53\u7684\u306b\u306f\u3001\u4efb\u610f\u306e\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3055\u308c\u308b\u304a\u305d\u308c\u304c\u3042\u308b\u30b3\u30de\u30f3\u30c9\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u300cCVE-2024-50393\u300d\u3092\u306f\u3058\u3081\u3001\u6539\u884c\u30b3\u30fc\u30c9\u306e\u4e0d\u9069\u5207\u306a\u51e6\u7406\u306b\u8d77\u56e0\u3059\u308b\u300cCRLF\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u300d\u306e\u8106\u5f31\u6027\u300cCVE-2024-48868\u300d\u300cCVE-2024-48867\u300d\u306a\u3069\u3001\u3042\u308f\u305b\u30668\u4ef6\u306e\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\u660e\u3089\u304b\u306b\u3057\u305f\u3082\u306e\u3002<\/p>\n

\u8a3c\u660e\u66f8\u306e\u4e0d\u9069\u5207\u306a\u691c\u8a3c\u300cCVE-2024-48865\u300d\u3001\u4e0d\u9069\u5207\u306a\u8a8d\u8a3c\u300cCVE-2024-48859\u300d\u3001\u4e0d\u9069\u5207\u306aURL\u30a8\u30f3\u30b3\u30fc\u30c7\u30a3\u30f3\u30b0\u306e\u51e6\u7406\u300cCVE-2024-48866\u300d\u3001\u30d5\u30a9\u30fc\u30de\u30c3\u30c8\u6587\u5b57\u5217\u306e\u8106\u5f31\u6027\u300cCVE-2024-50402\u300d\u300cCVE-2024-50403\u300d\u306a\u3069\u3082\u5224\u660e\u3057\u3066\u3044\u308b\u3002<\/p>\n

\u3044\u305a\u308c\u3082\u30d0\u30b0\u30d0\u30a6\u30f3\u30c6\u30a3\u30b3\u30f3\u30c6\u30b9\u30c8\u300cPwn2Own 2024\u300d\u3092\u901a\u3058\u3066\u5831\u544a\u3055\u308c\u305f\u3002\u958b\u767a\u30c1\u30fc\u30e0\u306f\u3001\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u306e\u91cd\u8981\u5ea6\u30924\u6bb5\u968e\u4e2d\u3001\u4e0a\u304b\u30892\u756a\u76ee\u306b\u3042\u305f\u308b\u300c\u91cd\u8981\uff08Important\uff09\u300d\u3068\u30ec\u30fc\u30c6\u30a3\u30f3\u30b0\u3057\u3066\u3044\u308b\u3002<\/p>\n

\u5171\u901a\u8106\u5f31\u6027\u8a55\u4fa1\u30b7\u30b9\u30c6\u30e0\u300cCVSSv3.1\u300d\u306e\u30d9\u30fc\u30b9\u30b9\u30b3\u30a2\u3092\u898b\u308b\u3068\u3001\u4eca\u56de\u5224\u660e\u3057\u305f\u306a\u304b\u3067\u306f\u3001\u300cCVE-2024-50393\u300d\u300cCVE-2024-48868\u300d\u304c\u300c8.7\u300d\u3068\u9ad8\u304f\u3001\u300cCVE-2024-48865\u300d\u304c\u300c7.3\u300d\u3067\u7d9a\u3044\u3066\u3044\u308b\u3002\u4ed6\u8106\u5f31\u6027\u306f\u300c5.3\u300d\u304b\u3089\u300c2.1\u300d\u3068\u8a55\u4fa1\u3057\u305f\u3002<\/p>\n

\u540c\u793e\u306f\u3001\u3053\u308c\u3089\u8106\u5f31\u6027\u3092\u89e3\u6d88\u3057\u305f\u300cQTS 5.2.2.2950\u300d\u300c\u540c5.1.9.2954\u300d\u3001\u300cQuTS hero h5.2.2.2952\u300d\u300c\u540ch5.1.9.2954\u300d\u3092\u63d0\u4f9b\u3057\u3066\u304a\u308a\u3001NAS\u306e\u7ba1\u7406\u753b\u9762\u306b\u304a\u3044\u3066\u66f4\u65b0\u3059\u308b\u304b\u3001\u624b\u52d5\u3067\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u3092\u884c\u3046\u3088\u3046\u6c42\u3081\u3066\u3044\u308b\u3002<\/p>\n

\uff08Security NEXT – 2024\/12\/09 \uff09<\/p>\n

\"\u3053\u306e\u30a8\u30f3\u30c8\u30ea\u30fc\u3092\u306f\u3066\u306a\u30d6\u30c3\u30af\u30de\u30fc\u30af\u306b\u8ffd\u52a0\"<\/p>\n

\u30c4\u30a4\u30fc\u30c8<\/p>\n

<\/p>\n

\u95a2\u9023\u30ea\u30f3\u30af<\/p>\n

QNAP\uff1aMultiple Vulnerabilities in QTS and QuTS hero
\n
\nQNAP Systems<\/p>\n

PR<\/p>\n

\u95a2\u9023\u8a18\u4e8b<\/p>\n

\u300cWordPress\u300d\u306e\u30e1\u30f3\u30c6\u6a5f\u80fd\u3092\u63d0\u4f9b\u3059\u308b\u30d7\u30e9\u30b0\u30a4\u30f3\u306bRCE\u8106\u5f31\u6027
\u5148\u9031\u6ce8\u76ee\u3055\u308c\u305f\u8a18\u4e8b\uff082024\u5e7412\u67081\u65e5\u301c2024\u5e7412\u67087\u65e5\uff09
\u300cMicrosoft Edge\u300d\u306b\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8 – \u8106\u5f31\u60272\u4ef6\u3092\u89e3\u6d88
\u8077\u54e1\u304c\u643a\u5e2f\u96fb\u8a71\u3092\u4e00\u6642\u7d1b\u5931\u3001\u4fdd\u8b77\u30b1\u30fc\u30b9\u306b\u30ed\u30c3\u30af\u89e3\u9664\u30e1\u30e2 – \u65b0\u6f5f\u770c
\u8907\u6570\u306e\u6c7a\u88c1\u6587\u66f8\u304c\u6240\u5728\u4e0d\u660e\u306b\u3001\u76d7\u96e3\u306e\u53ef\u80fd\u6027\u3082 – \u56db\u689d\u7577\u5e02
\u4f1a\u54e1\u9867\u5ba2\u5411\u3051\u30e1\u30fc\u30eb\u3067\u8aa4\u9001\u4fe1 – PC\u5468\u8fba\u6a5f\u5668\u30e1\u30fc\u30ab\u30fc
\u4f1d\u7968\u3092\u4fdd\u7ba1\u3057\u3066\u3044\u305f\u6bb5\u30dc\u30fc\u30eb3\u7bb1\u3092\u8aa4\u5ec3\u68c4 – \u4f50\u8cc0\u9280
\u8077\u54e1\u306e\u30a2\u30ab\u30a6\u30f3\u30c82\u4ef6\u304c\u30b9\u30d1\u30e0\u9001\u4fe1\u306e\u8e0f\u307f\u53f0\u306b – \u6771\u4eac\u7d4c\u6e08\u5927
\u300cDjango\u300d\u306b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8 – \u8907\u6570\u306e\u8106\u5f31\u6027\u3092\u4fee\u6b63
\u30e9\u30a4\u30af\u30ad\u30c3\u30ba\u3078\u306e\u30e9\u30f3\u30b5\u30e0\u653b\u6483 – \u8106\u5f31\u6027\u3092\u7a81\u3044\u3066\u4fb5\u5165<\/p>\n","protected":false},"excerpt":{"rendered":"

QNAP Systems\u306f\u3001\u73fe\u5730\u6642\u959312\u67087\u65e5\u306b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c9\u30d0\u30a4\u30b6\u30ea\u3092\u516c\u958b\u3057\u3001\u540c\u793eNAS\u88fd\u54c1\u306eOS\u3068\u3057\u3066\u63d0\u4f9b\u3057\u3066\u3044\u308b\u300cQTS\u300d\u304a\u3088\u3073\u300cQuTS hero\u300d\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\u3092\u660e\u3089\u304b\u306b\u3057\u305f\u3002 \u5177\u4f53\u7684\u306b\u306f\u3001\u4efb\u610f\u306e\u30b3\u30de\u30f3\u30c9\u3092\u5b9f<\/p>\n","protected":false},"author":2,"featured_media":2284270,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[762827],"tags":[762834,762833,142962,521918,43762,162246,200,7304,2662,762832],"class_list":{"0":"post-2310408","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-science-technology","8":"tag-science-technology","9":"tag-science-news","10":"tag-security","11":"tag-technology-news","12":"tag-43762","13":"tag-162246","14":"tag-200","15":"tag-7304","16":"tag-2662","17":"tag-762832"},"share_on_mastodon":{"url":"https:\/\/wakoka.com\/@news\/113625365450311828","error":""},"_links":{"self":[{"href":"https:\/\/www.wacoca.com\/news\/wp-json\/wp\/v2\/posts\/2310408","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.wacoca.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.wacoca.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.wacoca.com\/news\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.wacoca.com\/news\/wp-json\/wp\/v2\/comments?post=2310408"}],"version-history":[{"count":0,"href":"https:\/\/www.wacoca.com\/news\/wp-json\/wp\/v2\/posts\/2310408\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.wacoca.com\/news\/wp-json\/wp\/v2\/media\/2284270"}],"wp:attachment":[{"href":"https:\/\/www.wacoca.com\/news\/wp-json\/wp\/v2\/media?parent=2310408"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.wacoca.com\/news\/wp-json\/wp\/v2\/categories?post=2310408"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.wacoca.com\/news\/wp-json\/wp\/v2\/tags?post=2310408"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}