Censys, an attack surface management firm, has identified roughly 30,000 internet-exposed QNAP network-attached storage (NAS) appliances affected by a critical-severity code injection vulnerability, described as an SQL injection bug. It allows remote attackers to inject malicious code into vulnerable devices such as the 30,000 identified by Censys.
The number of affected devices could be much higher, Censys warned. The majority of the vulnerable hosts are in Italy and the US, as well as Taiwan, Germany, and Japan. If an exploit for the vulnerability is weaponized, attackers could use it to target these hosts. QNAP appliances are already known to be a target for cybercriminals.