tags:iotstack_overflow original link: QNAP QTS: QNAPping At The Wheel (CVE-2024-27130 and friends) newsletter link: exploits.club Weekly Newsletter 22
Exploits Club Summary:
What do you get when you take a NAS device and bolt on a custom web server which forwards commands to various CGI scripts written in C? A remotely exploitable stack overflow like itâs 1999. Thatâs exactly what watchTowr Labs demonstrated on the QNAP QTS in their most recent blog post. And in traditional watchtowr fashion, the post is just generally fun to read, so give it a read.