QNAP warns of critical auth bypass flaw in its NAS devices

March 8, 2024 at 03:07PM QNAP has warned of vulnerabilities in its NAS software, including QTS, QuTS hero, QuTScloud, and myQNAPcloud, which could grant unauthorized access to devices. The flaws include an authentication bypass, command injection, and SQL injection, affecting various operating systems. Users are advised to upgrade to specific versions to address the vulnerabilities … Read more

QNAP Patches High-Severity Bugs in QTS, Qsync Central

February 5, 2024 at 06:06PM Taiwan-based QNAP Systems has released patches for two dozen vulnerabilities across its products, including high-severity flaws leading to command execution and critical resource access in QTS, QuTS hero, QuTScloud, and Qsync Central. The vulnerabilities could allow for code execution, DoS attacks, and data leakage. No known attacks have exploited these … Read more

QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products

January 8, 2024 at 09:54AM QNAP Systems has released patches for a dozen vulnerabilities, including high-severity flaws affecting its operating system and products like QTS, QuTS hero, Video Station, and QuMagie. These vulnerabilities could allow remote attackers to execute arbitrary code, perform SQL injection and OS command injection, and exploit cross-site scripting flaws. Details can … Read more