Overview On January 31, 2023, NSFOCUS CERT detected that QNAP officially released a QNAP QTS and QuTS hero SQL injection vulnerability (CVE-2022-27596) notice. Due to the flaws in QNAP QTS and QuTS hero, unauthenticated remote attackers can use this vulnerability to inject malicious code on QNAP NAS devices, and ultimately...
Tag: SQL
SQL Injection Revealing the Truth Behind Information Disclosure
I. Principle At present, there has been a great deal of news coverage about information disclosure. A large amount of information is constantly disclosed and sold through various websites, resulting in endless cases of telecom fraud. We have already known that SQL injection is the culprit responsible for all the...
