Firmware & Software

Improper Access Control in Helpdesk

24. Juni 2020
This improper access control vulnerability in Helpdesk allows attackers to get control of QNAP Kayako service. Attackers can acces ... More
eCh0raix Ransomware

11. Juni 2020

+1
The eCh0raix ransomware (MR1904) has been reported to target QNAP NAS devices and exploit certain vulnerabilities in earlier versi ... More
Multiple Vulnerabilities in File Station

5. Juni 2020

+1
Three vulnerabilities have been reported to affect earlier versions of QTS. CVE-2018-19943: If exploited, this cross-site script ... More
Security Advisory for Multiple SMB Vulnerabilities in QTS

21. Dezember 2019

+2
Three vulnerabilities have been reported to affect all versions of SMB in QTS. CVE-2019-10218: Malicious servers can cause Samba ... More
Security Advisory for Vulnerabilities in QTS and Photo Station

10. Dezember 2019
Several vulnerabilities have been reported to affect multiple versions of QTS and Photo Station. CVE-2019-7192: This improper acc ... More
Security Advisory for Unquoted Service Path Vulnerability in QNAP NetBak Replicator

5. Dezember 2019
An unquoted service path vulnerability is reported to affect the service “QVssService” in QNAP NetBak Replicator. This ... More
Security Advisory for Vulnerabilities in File Station, Video Station and Music Station

28. November 2019
Several vulnerabilities have been reported to affect multiple versions of QTS, Video Station and Music Station. CVE-2018-7183: T ... More
Security Advisory for Stored XSS Vulnerability in QTS Event Notification

28. November 2019
A stored cross-site scripting (XSS) vulnerability has been reported to affect multiple versions of QTS. If exploited, this vulnera ... More
Security Advisory for Vulnerabilities in Photo Station

28. November 2019
Several vulnerabilities have been reported to affect multiple versions of QTS and Photo Station. CVE-2019-7192: This improper acc ... More
Security Advisory for Arbitrary File Copy Vulnerability in mod_copy in ProFTPD (CVE-2019-12815)

22. November 2019

+1
An arbitrary file copy vulnerability in mod_copy in ProFTPD allows for remote code execution and information disclosure without au ... More
Security Advisory for Vulnerabilities in Helpdesk, Music Station, and File Station

22. November 2019

+1
Three vulnerabilities are reported to affect all versions of Helpdesk, Music Station, and File Station. CVE-2018-0728: This impr ... More
Security Advisory for Malware QSnatch

1. November 2019

+1
The QSnatch malware is reportedly being used to target QNAP NAS devices. The National Cyber Security Center Finland (NCSC-FI) has ... More
Security Advisory for Muhstik Ransomware

5. Oktober 2019
The Muhstik ransomware is reported to be used to target QNAP NAS devices. Devices using weak passwords and outdated QTS firmware o ... More
Security Advisory for Vulnerability in Music Station

2. Oktober 2019

+1
Summary A reported vulnerability may affect Music Station. If exploited, the vulnerability may allow an attacker to inject arbitra ... More
Security Advisory for OpenSSL Vulnerability in QTS

2. Oktober 2019

+1
Summary A reported OpenSSL vulnerability may affect QNAP NAS devices running QTS 4.4.1 build 20190818, QTS 4.3.6 build 20190813, a ... More
Security Advisory for Vulnerability in QTS and Photo Station

19. September 2019
Multiple vulnerabilities have been reported to affect versions of QTS and Photo Station. If exploited, these vulnerabilities may a ... More
Security Advisory for Access Control on QTS

8. August 2019

+1
Some reported QTS vulnerabilities may affect QNAP NAS devices running QTS 4.2.6 and earlier versions. Below are the details for ea ... More
Security Advisory for Notification Center

8. August 2019

+1
A reported Notification Center vulnerability may affect QNAP NAS devices running QTS 4.3.6 and earlier versions. If exploited, the ... More
Security Advisory for Media Streaming Add-on

8. August 2019

+1
A reported Media Streaming add-on vulnerability may affect QNAP NAS devices running QTS 4.2.6 and earlier versions. If exploited, ... More
Security Advisory for Samba

2. August 2019
Two reported Samba 4.0 vulnerabilities may affect QNAP NAS devices running QTS 4.2.6 and earlier versions. Below are the details f ... More

Improper Access Control in Helpdesk

eCh0raix Ransomware

Multiple Vulnerabilities in File Station

Security Advisory for Multiple SMB Vulnerabilities in QTS

Security Advisory for Vulnerabilities in QTS and Photo Station

Security Advisory for Unquoted Service Path Vulnerability in QNAP NetBak Replicator

Security Advisory for Vulnerabilities in File Station, Video Station and Music Station

Security Advisory for Stored XSS Vulnerability in QTS Event Notification

Security Advisory for Vulnerabilities in Photo Station

Security Advisory for Arbitrary File Copy Vulnerability in mod_copy in ProFTPD (CVE-2019-12815)

Security Advisory for Vulnerabilities in Helpdesk, Music Station, and File Station

Security Advisory for Malware QSnatch

Security Advisory for Muhstik Ransomware

Security Advisory for Vulnerability in Music Station

Security Advisory for OpenSSL Vulnerability in QTS

Security Advisory for Vulnerability in QTS and Photo Station

Security Advisory for Access Control on QTS

Security Advisory for Notification Center

Security Advisory for Media Streaming Add-on

Security Advisory for Samba