QNAP Patches High-Severity Bugs in QTS, Qsync Central

February 5, 2024 at 06:06PM Taiwan-based QNAP Systems has released patches for two dozen vulnerabilities across its products, including high-severity flaws leading to command execution and critical resource access in QTS, QuTS hero, QuTScloud, and Qsync Central. The vulnerabilities could allow for code execution, DoS attacks, and data leakage. No known attacks have exploited these … Read more

QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products

January 8, 2024 at 09:54AM QNAP Systems has released patches for a dozen vulnerabilities, including high-severity flaws affecting its operating system and products like QTS, QuTS hero, Video Station, and QuMagie. These vulnerabilities could allow remote attackers to execute arbitrary code, perform SQL injection and OS command injection, and exploit cross-site scripting flaws. Details can … Read more

QNAP warns of critical command injection flaws in QTS OS, apps

November 6, 2023 at 07:52AM QNAP Systems has issued security advisories regarding two critical command injection vulnerabilities in its QTS operating system and applications for network-attached storage (NAS) devices. The flaws, tracked as CVE-2023-23368 and CVE-2023-23369, can be exploited remotely by attackers. Multiple QTS versions are affected, but fixes are available for download. Admins are … Read more