es1640dc v2 - CWE Vulnerabilities

Post Reply
Dmont
New here
Posts: 8
Joined: Tue Sep 04, 2018 6:10 pm

es1640dc v2 - CWE Vulnerabilities

Post by Dmont » Mon May 31, 2021 5:35 pm

After scanning our QNAP es1640dc v2, a number of vulnerabilities are shown. We've updated to the latest firmware (2.1.1.0775) but the vulnerabilities are still there.

The CWE vulnerabilities are:
CWE-319, CWE-77, CWE-79, CWE-295 and CWE-200.

All the vulnerabilities have a solution of updating the firmware to version 4.x.x but this QNAP can't do that.

Can someone in the know please check those vulnerabilities and see if the current firmware is protecting us, we can then put this down to a false positive.

Thank you

User avatar
dolbyman
Guru
Posts: 23506
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: es1640dc v2 - CWE Vulnerabilities

Post by dolbyman » Mon May 31, 2021 9:29 pm

you would need to contact qnap..we have no idea what is fixed or might be fixed in future updates

Post Reply

Return to “QES Operating System (QNAP Enterprise Storage OS)”