AFP Vulnerabilities
AFP Vulnerabilities
Advisory Summary
We have confirmed multiple vulnerabilities related to AFP in our TeraStation and LinkStation NAS products. Data stored in affected products may be improperly obtained or arbitrary code from threat actors may be executed.
We are currently investigating our products, and corrective action is needed, as decribed below. The vulnerabilities and affected products that have been identified so far are as follows:
| Vulnerability ID | Vulnerability Overview |
|---|---|
| CVE-2021-31439 | A heap-based buffer overflow vulnerability |
| CVE-2022-23121 | An improper handling vulnerability present under exceptional conditions |
| CVE-2022-0194 | A stack-based buffer overflow vulnerability |
| CVE-2022-23122 | A stack-based buffer overflow vulnerability |
| CVE-2022-23125 | A stack-based buffer overflow vulnerability |
| CVE-2022-23123 | An out-of-bounds read vulnerability |
| CVE-2022-23124 | An out-of-bounds read vulnerability |
Affected Products
| Product Series | Corrective Action(s) |
|---|---|
| TS6000 | Update firmware to version 5.62 or later. |
| TS5010/3010/3020 | Update firmware to version 5.34 or later. |
| TS1000 | Please follow corrective action below. |
| TS3000 | Please follow corrective action below. |
| TS5000 | Please follow corrective action below. |
| TS5200DS | Please follow corrective action below. |
| TS-2RZ | Please follow corrective action below. |
| LS200 | Please follow corrective action below. |
| LS400 | Please follow corrective action below. |
| LS500 | Please follow corrective action below. |
| TS-X | Please follow corrective action below. |
| TS-V | Please follow corrective action below. |
Corrective Actions
For products for which patch firmware has not yet been released, please refer to the appropriate procedures below to manually disable the AFP function. When new firmware is released for the affected products, we will update this page accordingly.
Corrective Procedures
Select the product series you are using to follow its corrective procedure.
|
TS-2RZ, TS5000/3000/1000 Series |
△ |
Disable AFP
(1) From Settings, click [File Sharing].
(2) Click the switch icon next to [AFP] to turn it off (
).
|
LS200/400 Series |
△ |
Disable AFP
(1) From Settings, click [File Sharing].
(2) Click the switch icon next to [AFP] to turn it off (
).
|
LS500 Series |
△ |
Disable AFP
(1) From Settings, click [Preferences] (
).
(2) Click [AFP].
(3) Uncheck [Enable AFP], and then click [Apply].
|
TS-X/V Series |
△ |
Disable AFP
(1) From Settings, navigate to [Network] - [Network] - [Network Service] - [AFP].
(2) Click [Do not use], and then click [Save].
Page Revision History
| Date | Description |
| 8/31/22 | Initial release |