飞牛OS出现重大漏洞 会泄露你的所有文件

Core Viewpoint - The article discusses a significant security vulnerability in the domestic Flycow system (fnOS), which allows hackers to access all files on NAS devices. Although the issue has been addressed in version 1.1.15, the company has not issued any official security announcements, raising concerns about user awareness and trust [3][9][10]. Summary by Sections Security Vulnerability - Flycow system fnOS has a major security flaw that has led to multiple devices being attacked by hackers, although it remains unclear if any data has been leaked [4]. - Users experiencing device issues such as freezing or network errors should check for abnormal connection counts, which may indicate a hack [5]. - Even users employing HTTPS, strong passwords, and 2FA have reported being infected, suggesting the vulnerability is inherent to the Flycow system rather than user negligence [6]. Official Response and User Notification - The Flycow official forum has confirmed the existence of a path traversal vulnerability, allowing hackers to access sensitive files on NAS devices. The vulnerability was fixed in version 1.1.15 [8]. - Despite the severity of the issue, Flycow has not issued any public announcements to inform users, relying instead on community discussions for information [9]. - The company should consider mandatory updates and user notifications to mitigate risks for those still using outdated versions [10]. Recommendations for Users - Users can verify the vulnerability by appending specific characters to their domain without logging in, as confirmed by multiple users [14]. - Temporary defense measures are suggested, but a complete reinstallation of the system and thorough checks of all files are recommended to ensure security [19].