Firmware & Software

Multiple Vulnerabilities in Photo Station

30. Oktober 2020
Three cross-site scripting vulnerabilities (CVE-2018-19954, CVE-2018-19955, CVE-2018-19956) have been reported to affect earlier v ... More
Multiple Vulnerabilities in Music Station

30. Oktober 2020
Three vulnerabilities have been reported to affect earlier versions of Music Station. CVE-2018-19950: If exploited, this command ... More
Multiple Vulnerabilities in QTS

28. Oktober 2020
Two vulnerabilities have been reported to affect earlier versions of QTS. CVE-2020-2490 ＆ CVE-2020-2492: If exploited, these two ... More
Zerologon

19. Oktober 2020

+1
The Zerologon vulnerability has been reported to affect some versions of QTS. If exploited, this elevation of privilege vulnerabil ... More
AgeLocker Ransomware

25. September 2020
The AgeLocker Ransomware has been reported to target QNAP NAS, Linux, and macOS devices. This new ransomware attempts to encrypt t ... More
AgeLocker Ransomware (MR1907)

25. September 2020
The AgeLocker Ransomware (MR1907) has been reported to target QNAP NAS, Linux, and macOS devices. This new ransomware attempts to ... More
Multiple Vulnerabilities in Helpdesk

9. September 2020
Three vulnerabilities have been reported to affect earlier versions of Helpdesk. CVE-2018-19946: If exploited, this improper cer ... More
CVE-2020-11651 in QNAPClub SaltStack

12. August 2020
An issue was discovered in SaltStack versions before Salt 2019.2.4 and Salt 3000 before 3000.2. The salt-master process ClearFuncs ... More
Improper Access Control in Helpdesk

24. Juni 2020
This improper access control vulnerability in Helpdesk allows attackers to get control of QNAP Kayako service. Attackers can acces ... More
eCh0raix Ransomware

11. Juni 2020

+1
The eCh0raix ransomware (MR1904) has been reported to target QNAP NAS devices and exploit certain vulnerabilities in earlier versi ... More
Multiple Vulnerabilities in File Station

5. Juni 2020

+1
Three vulnerabilities have been reported to affect earlier versions of QTS. CVE-2018-19943: If exploited, this cross-site script ... More
Security Advisory for Multiple SMB Vulnerabilities in QTS

21. Dezember 2019

+2
Three vulnerabilities have been reported to affect all versions of SMB in QTS. CVE-2019-10218: Malicious servers can cause Samba ... More
Security Advisory for Vulnerabilities in QTS and Photo Station

10. Dezember 2019
Several vulnerabilities have been reported to affect multiple versions of QTS and Photo Station. CVE-2019-7192: This improper acc ... More
Security Advisory for Unquoted Service Path Vulnerability in QNAP NetBak Replicator

5. Dezember 2019
An unquoted service path vulnerability is reported to affect the service “QVssService” in QNAP NetBak Replicator. This ... More
Security Advisory for Vulnerabilities in File Station, Video Station and Music Station

28. November 2019
Several vulnerabilities have been reported to affect multiple versions of QTS, Video Station and Music Station. CVE-2018-7183: T ... More
Security Advisory for Stored XSS Vulnerability in QTS Event Notification

28. November 2019
A stored cross-site scripting (XSS) vulnerability has been reported to affect multiple versions of QTS. If exploited, this vulnera ... More
Security Advisory for Vulnerabilities in Photo Station

28. November 2019
Several vulnerabilities have been reported to affect multiple versions of QTS and Photo Station. CVE-2019-7192: This improper acc ... More
Security Advisory for Arbitrary File Copy Vulnerability in mod_copy in ProFTPD (CVE-2019-12815)

22. November 2019

+1
An arbitrary file copy vulnerability in mod_copy in ProFTPD allows for remote code execution and information disclosure without au ... More
Security Advisory for Vulnerabilities in Helpdesk, Music Station, and File Station

22. November 2019

+1
Three vulnerabilities are reported to affect all versions of Helpdesk, Music Station, and File Station. CVE-2018-0728: This impr ... More
Security Advisory for Malware QSnatch

1. November 2019

+1
The QSnatch malware is reportedly being used to target QNAP NAS devices. The National Cyber Security Center Finland (NCSC-FI) has ... More

Multiple Vulnerabilities in Photo Station

Multiple Vulnerabilities in Music Station

Multiple Vulnerabilities in QTS

Zerologon

AgeLocker Ransomware

AgeLocker Ransomware (MR1907)

Multiple Vulnerabilities in Helpdesk

CVE-2020-11651 in QNAPClub SaltStack

Improper Access Control in Helpdesk

eCh0raix Ransomware

Multiple Vulnerabilities in File Station

Security Advisory for Multiple SMB Vulnerabilities in QTS

Security Advisory for Vulnerabilities in QTS and Photo Station

Security Advisory for Unquoted Service Path Vulnerability in QNAP NetBak Replicator

Security Advisory for Vulnerabilities in File Station, Video Station and Music Station

Security Advisory for Stored XSS Vulnerability in QTS Event Notification

Security Advisory for Vulnerabilities in Photo Station

Security Advisory for Arbitrary File Copy Vulnerability in mod_copy in ProFTPD (CVE-2019-12815)

Security Advisory for Vulnerabilities in Helpdesk, Music Station, and File Station

Security Advisory for Malware QSnatch