Firmware & Software

An issue was discovered in SaltStack versions before Salt 2019.2.4 and Salt 3000 before 3000.2. The salt-master process ClearFuncs ... More

This improper access control vulnerability in Helpdesk allows attackers to get control of QNAP Kayako service. Attackers can acces ... More

The eCh0raix ransomware (MR1904) has been reported to target QNAP NAS devices and exploit certain vulnerabilities in earlier versi ... More

Three vulnerabilities have been reported to affect earlier versions of QTS. CVE-2018-19943: If exploited, this cross-site script ... More

Three vulnerabilities have been reported to affect all versions of SMB in QTS. CVE-2019-10218: Malicious servers can cause Samba ... More

Several vulnerabilities have been reported to affect multiple versions of QTS and Photo Station. CVE-2019-7192: This improper acc ... More

An unquoted service path vulnerability is reported to affect the service “QVssService” in QNAP NetBak Replicator. This ... More

Several vulnerabilities have been reported to affect multiple versions of QTS, Video Station and Music Station. CVE-2018-7183: T ... More

A stored cross-site scripting (XSS) vulnerability has been reported to affect multiple versions of QTS. If exploited, this vulnera ... More

Several vulnerabilities have been reported to affect multiple versions of QTS and Photo Station. CVE-2019-7192: This improper acc ... More

An arbitrary file copy vulnerability in mod_copy in ProFTPD allows for remote code execution and information disclosure without au ... More

Three vulnerabilities are reported to affect all versions of Helpdesk, Music Station, and File Station. CVE-2018-0728: This impr ... More

The QSnatch malware is reportedly being used to target QNAP NAS devices. The National Cyber Security Center Finland (NCSC-FI) has ... More

The Muhstik ransomware is reported to be used to target QNAP NAS devices. Devices using weak passwords and outdated QTS firmware o ... More

Summary A reported vulnerability may affect Music Station. If exploited, the vulnerability may allow an attacker to inject arbitra ... More

Summary A reported OpenSSL vulnerability may affect QNAP NAS devices running QTS 4.4.1 build 20190818, QTS 4.3.6 build 20190813, a ... More

Multiple vulnerabilities have been reported to affect versions of QTS and Photo Station. If exploited, these vulnerabilities may a ... More

Some reported QTS vulnerabilities may affect QNAP NAS devices running QTS 4.2.6 and earlier versions. Below are the details for ea ... More

A reported Notification Center vulnerability may affect QNAP NAS devices running QTS 4.3.6 and earlier versions. If exploited, the ... More

A reported Media Streaming add-on vulnerability may affect QNAP NAS devices running QTS 4.2.6 and earlier versions. If exploited, ... More