es1640dc v2 - CWE Vulnerabilities

Post Reply
Dmont
New here
Posts: 8
Joined: Tue Sep 04, 2018 6:10 pm

es1640dc v2 - CWE Vulnerabilities

Post by Dmont »

After scanning our QNAP es1640dc v2, a number of vulnerabilities are shown. We've updated to the latest firmware (2.1.1.0775) but the vulnerabilities are still there.

The CWE vulnerabilities are:
CWE-319, CWE-77, CWE-79, CWE-295 and CWE-200.

All the vulnerabilities have a solution of updating the firmware to version 4.x.x but this QNAP can't do that.

Can someone in the know please check those vulnerabilities and see if the current firmware is protecting us, we can then put this down to a false positive.

Thank you
User avatar
dolbyman
Guru
Posts: 34903
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: es1640dc v2 - CWE Vulnerabilities

Post by dolbyman »

you would need to contact qnap..we have no idea what is fixed or might be fixed in future updates
Post Reply

Return to “QES Operating System (QNAP Enterprise Storage OS)”