Critical QNAP Vulnerability Leads to Code Injection

QNAP Systems this week issued a warning on a critical vulnerability that could allow attackers to inject malicious code on network-attached storage (NAS) devices.The Taiwan-based manufacturer is known for its NAS appliances and professional network video recorder (NVR) solutions, but also produces various types of networking equipment.Tracked as CVE-2022-27596 (CVSS score of 9.8), the newly disclosed vulnerability is described as an SQL injection flaw impacting QuTS hero and QTS.“A vulnera