Orico Firmware [patched] -

This vulnerability affects ORICO NAS CD3510 firmware version 1.9.12 and below. It allows attackers with physical access to the device to:

ORICO的设备大多使用公版主控芯片，虽然官方提供了必要的固件下载入口，但有时需要用户自己去挖掘和区分JMSxxx与Realtek的不同版本。对于寻求稳定性的用户来说，只有在遇到特定Bug（如Win8不识别、蜂鸣器乱响、NVMe无法弹出等）时才需要刷新固件；对于进阶玩家来说，固件刷新则意味着可以深度定制硬盘休眠策略与传输模式。

: As discovered in recent vulnerabilities, keeping firmware updated is crucial for network-connected devices. orico firmware

A firmware upgrade can sometimes allow an older docking station to recognize newer, high-capacity hard drives (e.g., upgrading support from 10TB to 18TB+ drives).

：升级过程中硬盘盒/硬盘座需要接入硬盘且通电，虽然刷新的是主控芯片而非硬盘数据区，但瞬间掉电或中断可能导致设备变砖（无法识别）。论坛用户也曾警告过利用JMicron控制器管理工具可能直接砖化设备，因此在操作前必须备份重要数据。 This vulnerability affects ORICO NAS CD3510 firmware version

Many ORICO boards have a hidden labeled “RECOVER”, “FW_REC”, or “J1”. Short these pins with a paperclip while plugging in the USB cable. This forces the chip into DFU (Device Firmware Upgrade) mode, allowing the flasher to retry.

While most ORICO devices are plug-and-play, specific scenarios make a firmware update essential: While most ORICO devices are plug-and-play

Without up-to-date firmware, your ORICO enclosure might work fine for basic storage but fail at advanced tasks like booting an OS, running virtual machines, or sustaining high-speed transfers.

: Navigate to the ORICO Download Center to search for your specific model number.

After flashing, safely eject and reconnect the drive. Check firmware version in the tool again.