« Back to all recent discussions
FAQ - Upgrading latest NAS remote code execution vulnerability firmware
1. How to do online firmware upgrade?
Please follow below steps to do online firmware upgrade. (Make sure your NAS is able to access the Internet)1. Please enter your NAS GUI. There are three ways to access GUI
1) findme website to access GUI
2) type NAS IP in browser to access GUI, you can view the NAS IP from DHCP list of your Router.
3) type NAS model name in the browser
2. Click Control Panel >> System >> FW Upgrade >> Latest Firmware Check
3. Click “Check Now” to check the latest firmware version.
4. Click "Upgrade Now" to upgrade the firmware.
2. Not able to login after Firmware UpgradeTo avoid the remote code execution vulnerability, the password doesn't accept special characters ! # $ % & ( - | after updated to the latest firmware.
If you cannot login the web interface after upgrade, please press the hardware reset button at the back of NAS for 2 seconds, and you will hear one beep sound, then release the hardware reset button. This resets the NAS's IP address and password to the default setting (admin/1234).
1. This reset will not erase all configuration of NAS device, it will only reset the password for admin and the network IP.
2. This reset will not cause any data loss or damage in your NAS device or disk.
3. If the IP of NAS device was as static IP, the IP would switch to automatically after the reset. Please access Web GUI >> Control Panel >> Network >> TCP/IP >> Network Interface to re-configure the network Settings.
If you still have problems or questions, feel free to leave comments below.
The release note is in the attachment.