Firmware & Software

An improper access control vulnerability has been reported to affect certain legacy versions of HBS 3 (Hybrid Backup Sync). If exp ... More

An improper access control vulnerability has been reported to affect certain versions of HBS 3 (Hybrid Backup Sync). If exploited, ... More

DNSpooq vulnerabilities—including DNS cache poisoning and buffer overflow vulnerabilities—have been reported to affect certain ver ... More

An XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attac ... More

A stored XSS vulnerability has been reported to affect QNAP NAS running Q'center. If exploited, this vulnerability allows attacker ... More

A stored XSS vulnerability has been reported to affect QNAP NAS running QuLog Center. If exploited, this vulnerability allows atta ... More

Multiple command injection vulnerabilities have been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows ... More

A command injection vulnerability has been reported to affect QNAP NAS running legacy versions of QTS. If exploited, this vulnera ... More

An SMB out-of-bounds read vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnera ... More

Insecure storage of sensitive information has been reported to affect QNAP NAS running myQNAPcloud Link. If exploited, this vulner ... More

An improper access control vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows remote atta ... More

Inclusion of sensitive information in the source code has been reported to affect certain QNAP switches running QSS. If exploited, ... More

An out-of-bounds read vulnerability has been reported to affect certain QNAP switches running QSS. If exploited, this vulnerabilit ... More

A DOM-based XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability all ... More

A command injection vulnerability has been reported to affect certain versions of Video Station. If exploited, this vulnerability ... More

A post-authentication reflected XSS vulnerability has been reported to affect QNAP NAS running Q’center. If exploited, this vulner ... More

A ransomware campaign targeting QNAP NAS began the week of April 19th, 2021. The ransomware known as Qlocker exploits CVE-2021-287 ... More

A relative path traversal vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnera ... More

The QNAP security team has detected an attack campaign in the wild related to a vulnerability in Roon Server. QNAP NAS running the ... More

A command injection vulnerability has been reported to affect certain versions of Malware Remover. If exploited, this vulnerabilit ... More