This may require a manual install, as the patching for this may not auto-run.
A vulnerability allows man-in-the-middle attackers to hijack the authentication of administrators.
The vulnerability reported by PWN2OWN 2024 (ZDI-CAN-25487) has been addressed.
Just got the update. Good timing, because over the last week, I’ve had DOZENS upon DOZENS of IP addresses auto-blocked.
Before that, the last blocked IP address was like in September, so someone/something is probing.
I have a watt meter monitoring the power usage of my NAS. Out of all my checks, I assume that’s how I’m going to know I get hacked before anything else.
What’s the exposure surface of this if I have remote access disabled?
Update came through this morning. 7.2.2-72806 Update 3.
Anybody know if this effects 6.2.4?
According to this, 6.2.4.x is not affected.
