Network-attached storage devices have more security holes than routers


by CBR Staff Writer| 07 August 2014

In fact they are ‘far worse than routers’, researcher adds.

Network-attached storage (NAS) devices are reportedly more vulnerable compared to home routers, a new security report has revealed.

According to security mettle-detectors Independent Security Evaluators, of the overall devices analysed from ten manufacturers, almost all of them were found to be vulnerable.

Independent Security Evaluators security analyst Jacob Holcomb told PCWorld: "There wasn't one device that I literally couldn't take over.

"At least 50 percent of them can be exploited without authentication."

During the experiments, Holcomb evaluated devices including Asustor's AS-602T, TRENDnet's TN-200 and TN-200T1, QNAP's TS-870, Seagate's BlackArmor 1BW5A3-570, Netgear's ReadyNAS104, D-LINK's DNS-345, Lenovo's IX4-300D, Buffalo's TeraStation 5600, Western Digital's MyCloud EX4 and ZyXEL's NSA325 v2.

To date, the security organisation MITRE has allotted 22 Common Vulnerabilities and Exposures (CVE) for the issues.

Further, hackers can more likely access router from internet than a NAS system, and by hacking these storage devices, hackers would also be able to take over traffic from other devices on the same network using techniques such as ARP spoofing.

Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

791 people like this.
2233 people follow this.

Security Intelligence

Suppliers Directory

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.