QNAP Patches High-Severity Bugs in QTS, Qsync Central

February 5, 2024 at 06:06PM Taiwan-based QNAP Systems has released patches for two dozen vulnerabilities across its products, including high-severity flaws leading to command execution and critical resource access in QTS, QuTS hero, QuTScloud, and Qsync Central. The vulnerabilities could allow for code execution, DoS attacks, and data leakage. No known attacks have exploited these … Read more

QNAP warns of critical command injection flaws in QTS OS, apps

November 6, 2023 at 07:52AM QNAP Systems has issued security advisories regarding two critical command injection vulnerabilities in its QTS operating system and applications for network-attached storage (NAS) devices. The flaws, tracked as CVE-2023-23368 and CVE-2023-23369, can be exploited remotely by attackers. Multiple QTS versions are affected, but fixes are available for download. Admins are … Read more