Security Notices

Samba vulnerability

Description of vulnerability:

There is a vulnerability reported as CVE-2017-7494 regarding security in Samba version 3.5.0 or later. 

With this vulnerability, malicious clients may execute illegal code by copying illegal shared libraries to writable shared folders.

Products

Product category Product series
TeraStation TS 5010 series (fixed)
TS 3010 series (fixed)
TS 7000 series (fixed)
TS 5000 series (fixed)
TS 5200DS series
TS 3000 series (fixed)
TS 1000 series (fixed)
TS-X series (fixed)
TS-V series (fixed)
Product category Product series
LinkStation
LS 500 series (fixed)
LS 420DS serie
LS 400 series (fixed)
LS 200 series (fixed)
LS-WSXL / R1 Series (fixed)
LS-X series (fixed)

LS-V series (fixed)

Product category Product series UserFriendly Professional
AirStation WZR-HP-AG300H   19154d (fixed)
WZR-HP-G300NH2 19154d (fixed)
WZR-HP-G450H 20025d (fixed)
WZR-600DHP2 n/a



※ Windows Storage Server model of TeraStation are not affected by this issue. 

 * Please check this page for latest updates. 

 The threat posed by vulnerability 

 The configuration can be altered or malicious programs may be executed. 

 Workaround 

 As the target products are identified, we will release firmware that will take measures against the vulnerability of that product. 

 Please take the following precaution until the firmware is corrected. 

• When sharing folders with the Samba protocol, please grant write permission only to trusted users.