QNAP Archives • Daily CyberSecurity

Critical 9.3 CVSS Flaw in QNAP QVR Pro Exposes Surveillance Systems QNAP QVR Pro Vulnerability CVE-2026-22898 CVE-2022-27595 - CVE-2024-48860 & CVE-2024-48861

QNAP QVR Pro Vulnerability CVE-2026-22898 CVE-2022-27595 - CVE-2024-48860 & CVE-2024-48861

Critical 9.3 CVSS Flaw in QNAP QVR Pro Exposes Surveillance Systems

Do Son March 21, 2026

QNAP Systems, Inc. has issued a critical security advisory for users of its QVR Pro surveillance solution....

QNAP Patches High-Severity SQL Injection and Path Traversal Flaws QNAP Security Patches, NAS Vulnerabilities ASP.NET, QNAP CVE-2023-39296 PoC - CVE-2024-50394

QNAP Security Patches, NAS Vulnerabilities ASP.NET, QNAP CVE-2023-39296 PoC - CVE-2024-50394

QNAP Patches High-Severity SQL Injection and Path Traversal Flaws

Do Son January 5, 2026

Network-attached storage giant QNAP has issued a sweeping set of security advisories, patching critical vulnerabilities that could...

Critical Warning: QNAP Patches Seven Zero-Days Exploited at Pwn2Own 2025 QNAP Zero-Day, Pwn2Own Exploit CVE-2024-21899 - QNAP QTS vulnerability

Critical Warning: QNAP Patches Seven Zero-Days Exploited at Pwn2Own 2025

Do Son November 8, 2025

QNAP has issued an urgent security advisory and released patches for seven zero-day vulnerabilities that were successfully...

Critical .NET Flaw (CVE-2025-55315) in QNAP: NAS Backup Utility Vulnerable to Credential Theft QNAP Security Patches, NAS Vulnerabilities ASP.NET, QNAP CVE-2023-39296 PoC - CVE-2024-50394

Critical .NET Flaw (CVE-2025-55315) in QNAP: NAS Backup Utility Vulnerable to Credential Theft

Do Son October 28, 2025

Earlier, Microsoft released a security update to address a critical vulnerability in ASP.NET, identified as CVE-2025-55315 with...

Sekoia Exposes PolarEdge Backdoor: Custom mbedTLS C2 Compromising Cisco, QNAP, and Synology Devices PolarEdge TLS Backdoor, Custom C2

Sekoia Exposes PolarEdge Backdoor: Custom mbedTLS C2 Compromising Cisco, QNAP, and Synology Devices

Do Son October 15, 2025

Sekoia Threat Detection & Response (TDR) researchers have published an in-depth technical analysis of the PolarEdge Backdoor,...

QNAP Fixes High-Severity Flaws: NetBak Replicator RCE and SQL Injection in Qsync Central CVE-2024-27124 QNAP Vulnerabilities, NetBak Replicator

CVE-2024-27124 QNAP Vulnerabilities, NetBak Replicator

QNAP Fixes High-Severity Flaws: NetBak Replicator RCE and SQL Injection in Qsync Central

Do Son October 6, 2025

QNAP has issued a new security advisory addressing multiple vulnerabilities in two of its widely used utilities—NetBak...

QNAP Patches Critical Flaw (CVE-2025-52856) with CVSS 9.3 QNAP Vulnerabilities CVE-2025-52856

QNAP Patches Critical Flaw (CVE-2025-52856) with CVSS 9.3

Do Son August 29, 2025

QNAP has released a security advisory addressing multiple vulnerabilities affecting the QVR firmware on legacy VioStor NVR...

QNAP Fixes SQL Injection and Certificate Validation Flaws in Qsync Central and File Station 5 QNAP Vulnerabilities CVE-2025-52856

QNAP Fixes SQL Injection and Certificate Validation Flaws in Qsync Central and File Station 5

Do Son June 9, 2025

QNAP Systems, Inc. has released patches addressing multiple high-severity vulnerabilities in its Qsync Central and File Station...

CVE-2024-50394: QNAP Helpdesk Vulnerability Could Allow Remote System Compromise QNAP Security Patches, NAS Vulnerabilities ASP.NET, QNAP CVE-2023-39296 PoC - CVE-2024-50394

CVE-2024-50394: QNAP Helpdesk Vulnerability Could Allow Remote System Compromise

Do Son March 8, 2025

QNAP has issued a security advisory regarding an improper certificate validation vulnerability in its Helpdesk app. The...

CVE-2024-53691: PoC Exploit Released for Severe QNAP RCE Flaw CVE-2024-53691 PoC exploit

CVE-2024-53691: PoC Exploit Released for Severe QNAP RCE Flaw

Do Son January 16, 2025

Security researcher c411e published a proof-of-concept (PoC) exploit code for a severe vulnerability in QNAP NAS devices,...

QNAP Addresses High Severity Vulnerabilities in License Center and Operating Systems QNAP Zero-Day, Pwn2Own Exploit CVE-2024-21899 - QNAP QTS vulnerability

QNAP Addresses High Severity Vulnerabilities in License Center and Operating Systems

Do Son December 8, 2024

QNAP, a leading provider of network-attached storage (NAS) solutions, has issued a security advisory addressing multiple vulnerabilities...

CVE-2024-48860 (CVSS 9.5): Critical Flaw in QNAP QuRouter, Immediate Update Recommended QNAP QVR Pro Vulnerability CVE-2026-22898 CVE-2022-27595 - CVE-2024-48860 & CVE-2024-48861

CVE-2024-48860 (CVSS 9.5): Critical Flaw in QNAP QuRouter, Immediate Update Recommended

Do Son November 25, 2024

QNAP has issued a security advisory urging users of its QuRouter network appliance to update their devices...

QNAP Patches Zero-Day Flaw CVE-2024-50389 in QuRouter Following Pwn2Own Ireland 2024 Exploits CVE-2024-50387 & CVE-2024-50389 QuRouter

QNAP Patches Zero-Day Flaw CVE-2024-50389 in QuRouter Following Pwn2Own Ireland 2024 Exploits

Do Son November 4, 2024

Taiwanese tech giant QNAP has moved quickly to address a critical zero-day vulnerability in its QuRouter network...

QNAP Patches Critical Zero-Day Exploited at Pwn2Own Ireland 2024 – CVE-2024-50388

Do Son October 30, 2024

QNAP has swiftly addressed a critical zero-day vulnerability in its HBS 3 Hybrid Backup Sync software, following...

CVE-2024-32766 (CVSS 10) – QNAP Vulnerability: Hackers Can Hijack Your NAS CVE-2024-27124 QNAP Vulnerabilities, NetBak Replicator

CVE-2024-32766 (CVSS 10) – QNAP Vulnerability: Hackers Can Hijack Your NAS

Do Son April 28, 2024

QNAP, a leading manufacturer of network attached storage (NAS) devices, has issued an urgent security advisory to...

CVE-2024-21899 (CVSS 9.8): Critical QNAP Flaw Opens Door to Hackers QNAP Zero-Day, Pwn2Own Exploit CVE-2024-21899 - QNAP QTS vulnerability

CVE-2024-21899 (CVSS 9.8): Critical QNAP Flaw Opens Door to Hackers

Do Son March 8, 2024

QNAP has issued a critical security advisory regarding multiple vulnerabilities impacting their NAS software solutions. These vulnerabilities,...

CVE-2023-50358: A zero-day vulnerability affecting QNAP NAS devices

Do Son February 13, 2024

A severe zero-day vulnerability (CVE-2023-50358) has been discovered in QNAP Network Attached Storage (NAS) devices. This flaw...

Decoding the CVE-2023-39296 Vulnerability: A Technical and PoC Analysis QNAP Security Patches, NAS Vulnerabilities ASP.NET, QNAP CVE-2023-39296 PoC - CVE-2024-50394