{"id":218347,"date":"2022-06-23T08:28:29","date_gmt":"2022-06-23T10:28:29","guid":{"rendered":"https:\/\/teknomers.com\/fr\/une-vulnerabilite-php-critique-expose-les-peripheriques-nas-qnap-aux-attaques-a-distance\/"},"modified":"2022-06-23T08:28:30","modified_gmt":"2022-06-23T10:28:30","slug":"une-vulnerabilite-php-critique-expose-les-peripheriques-nas-qnap-aux-attaques-a-distance","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/une-vulnerabilite-php-critique-expose-les-peripheriques-nas-qnap-aux-attaques-a-distance\/","title":{"rendered":"Une vuln\u00e9rabilit\u00e9 PHP critique expose les p\u00e9riph\u00e9riques NAS QNAP aux attaques \u00e0 distance"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both\"><\/div>\n<p>QNAP, fabricant ta\u00efwanais d&#8217;appareils de stockage en r\u00e9seau (NAS), a d\u00e9clar\u00e9 mercredi qu&#8217;il \u00e9tait en train de corriger une vuln\u00e9rabilit\u00e9 PHP critique vieille de trois ans qui pourrait \u00eatre exploit\u00e9e pour obtenir l&#8217;ex\u00e9cution de code \u00e0 distance.<\/p>\n<p>&#8220;Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 signal\u00e9e pour affecter les versions PHP 7.1.x inf\u00e9rieures \u00e0 7.1.33, 7.2.x inf\u00e9rieures \u00e0 7.2.24 et 7.3.x inf\u00e9rieures \u00e0 7.3.11 avec une configuration nginx incorrecte&#8221;, a d\u00e9clar\u00e9 le fournisseur de mat\u00e9riel. <a rel=\"nofollow noopener\" href=\"https:\/\/www.qnap.com\/en\/security-advisory\/QSA-22-20\" target=\"_blank\">a dit<\/a> dans un avis.  &#8220;Si elle est exploit\u00e9e, la vuln\u00e9rabilit\u00e9 permet aux attaquants d&#8217;obtenir l&#8217;ex\u00e9cution de code \u00e0 distance.&#8221;<\/p>\n<div class=\"ad_two clear\"><a rel=\"nofollow noopener\" href=\"https:\/\/go.thn.li\/backup-gitlab\" target=\"_blank\" title=\"DevOps backup\"><img loading=\"lazy\" decoding=\"async\" alt=\"La cyber-s\u00e9curit\u00e9\" class=\"lazyload\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/05\/Fronton-un-botnet-IoT-russe-concu-pour-mener-des-campagnes.png\" width=\"300\" height=\"250\" \/><\/a><\/div>\n<p>La vuln\u00e9rabilit\u00e9, suivie comme <a rel=\"nofollow noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2019-11043\" target=\"_blank\">CVE-2019-11043<\/a>, est not\u00e9 9,8 sur 10 pour la gravit\u00e9 sur le syst\u00e8me de notation des vuln\u00e9rabilit\u00e9s CVSS.  Cela dit, il est n\u00e9cessaire que Nginx et php-fpm s&#8217;ex\u00e9cutent dans les appliances utilisant les versions de syst\u00e8me d&#8217;exploitation QNAP suivantes &#8211;<\/p>\n<ul>\n<li>QTS 5.0.x et versions ult\u00e9rieures<\/li>\n<li>QTS 4.5.x et versions ult\u00e9rieures<\/li>\n<li>QuTS hero h5.0.x et versions ult\u00e9rieures<\/li>\n<li>QuTS hero h4.5.x et versions ult\u00e9rieures<\/li>\n<li>QuTScloud c5.0.x et versions ult\u00e9rieures<\/li>\n<\/ul>\n<p>&#8220;Comme QTS, QuTS hero ou QuTScloud n&#8217;ont pas nginx install\u00e9 par d\u00e9faut, les NAS QNAP ne sont pas affect\u00e9s par cette vuln\u00e9rabilit\u00e9 dans l&#8217;\u00e9tat par d\u00e9faut&#8221;, a d\u00e9clar\u00e9 la soci\u00e9t\u00e9, ajoutant qu&#8217;elle avait d\u00e9j\u00e0 att\u00e9nu\u00e9 le probl\u00e8me dans les versions du syst\u00e8me d&#8217;exploitation QTS 5.0.1.2034 build 20220515. et h\u00e9ros QuTS h5.0.0.2069 build 20220614.<\/p>\n<p>L&#8217;alerte arrive une semaine apr\u00e8s QNAP <a rel=\"nofollow noopener\" href=\"https:\/\/www.qnap.com\/en\/security-advisory\/qsa-22-19\" target=\"_blank\">r\u00e9v\u00e9l\u00e9<\/a> qu&#8217;il &#8220;enqu\u00eate en profondeur&#8221; sur une autre vague d&#8217;attaques de ran\u00e7ongiciels DeadBolt ciblant les appareils NAS QNAP ex\u00e9cutant des versions obsol\u00e8tes de QTS 4.x.<\/p>\n<div class=\"ad_two clear\"><a rel=\"nofollow noopener\" href=\"https:\/\/go.thn.li\/crowdsec-tour-d\" target=\"_blank\" title=\"CyberSecurity\"><img loading=\"lazy\" decoding=\"async\" alt=\"La cyber-s\u00e9curit\u00e9\" class=\"lazyload\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/04\/1650021915_454_Haskers-Gang-donne-gratuitement-le-logiciel-malveillant-ZingoStealer-a-dautres.jpg\" width=\"728\" height=\"90\" \/><\/a><\/div>\n<p>En plus d&#8217;exhorter les clients \u00e0 passer \u00e0 la derni\u00e8re version des syst\u00e8mes d&#8217;exploitation QTS ou QuTS hero, il est \u00e9galement recommand\u00e9 que les appareils ne soient pas expos\u00e9s \u00e0 Internet.<\/p>\n<p>De plus, QNAP a conseill\u00e9 aux clients qui ne peuvent pas localiser la note de ran\u00e7on apr\u00e8s la mise \u00e0 niveau du firmware vers <a rel=\"nofollow noopener\" href=\"https:\/\/www.qnap.com\/en\/how-to\/faq\/article\/how-do-i-restore-deadbolt-page-for-decrypting-the-files-if-i-have-the-correct-password\" target=\"_blank\">entrez la cl\u00e9 de d\u00e9cryptage DeadBolt re\u00e7ue<\/a> tendre la main \u00e0 <a rel=\"nofollow noopener\" href=\"https:\/\/service.qnap.com\/\" target=\"_blank\">Assistance QNAP<\/a> \u00e0 l&#8217;aide.<\/p>\n<p>&#8220;Si votre NAS a d\u00e9j\u00e0 \u00e9t\u00e9 compromis, prenez la capture d&#8217;\u00e9cran de la note de ran\u00e7on pour conserver l&#8217;adresse bitcoin, puis mettez \u00e0 niveau vers la derni\u00e8re version du micrologiciel et l&#8217;application int\u00e9gr\u00e9e Malware Remover mettra automatiquement en quarantaine la note de ran\u00e7on qui d\u00e9tourne la page de connexion&#8221;, \u00c7a disait.<\/p>\n<p><\/p>\n<\/div>\n<p><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2022\/06\/critical-php-vulnerability-exposes-qnap.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>QNAP, fabricant ta\u00efwanais d&#8217;appareils de stockage en r\u00e9seau (NAS), a d\u00e9clar\u00e9 mercredi qu&#8217;il \u00e9tait en train de corriger une vuln\u00e9rabilit\u00e9 PHP critique vieille de trois ans qui pourrait \u00eatre exploit\u00e9e pour obtenir l&#8217;ex\u00e9cution de code \u00e0 distance. &#8220;Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 signal\u00e9e pour affecter les versions PHP 7.1.x inf\u00e9rieures \u00e0 7.1.33, 7.2.x inf\u00e9rieures \u00e0 7.2.24 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":218348,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[8074,507,4168,22,4158,4165,4161,2526,16209,4157,4159,4171,4170,65,4167,4160,5266,4163,4162,5265,41463,27510,4172,4169,196,4166,3667,4164],"class_list":["post-218347","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-attaques","tag-aux","tag-comment-pirater","tag-critique","tag-cyber-actualites","tag-cyber-attaques","tag-cyber-mises-a-jour","tag-distance","tag-expose","tag-lactualite-de-la-cybersecurite","tag-lactualite-de-la-cybersecurite-aujourdhui","tag-lactualite-des-hackers","tag-la-securite-des-informations","tag-les","tag-logiciel-malveillant-de-ransomware","tag-mises-a-jour-de-la-cybersecurite","tag-nas","tag-nouvelles-de-piratage","tag-nouvelles-de-pirates","tag-peripheriques","tag-php","tag-qnap","tag-securite-informatique","tag-securite-internet","tag-une","tag-violation-de-donnees","tag-vulnerabilite","tag-vulnerabilite-logicielle"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/218347","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=218347"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/218347\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/218348"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=218347"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=218347"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=218347"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}