Stay informed on the latest QNAP security updates and vulnerabilities. Protect your network-attached storage with expert insights and tips.
Search across headline titles and summaries.
Background for this topic.
QNAP is a company that specializes in creating Network Attached Storage (NAS) solutions, which are widely used for storing and sharing large amounts of data across networks. In the context of information security, QNAP devices have been the target of various malware attacks and vulnerabilities. Issues have ranged from ransomware infections to unauthorized access exploits, prompting frequent security updates and advisories for users.
Security professionals and QNAP device owners closely monitor these developments to ensure protective measures are in place. This includes applying firmware updates, using strong passwords, managing user permissions effectively, and employing additional network security mechanisms. As NAS devices often contain sensitive personal or business data, their security is critical in safeguarding against data breaches, loss, and unauthorized access.
Weekly headline count for the current query.
QNAP has fixed seven zero-day vulnerabilities that security researchers exploited to hack QNAP network-attached storage (NAS) devices during the Pwn2Own Ireland 2025 competition. [...]
QNAP warned customers to patch a critical ASP.NET Core vulnerability that also impacts the company's NetBak PC Agent, a Windows utility for backing& up data to a QNAP network-attached storage (NAS) device. [...]
Cybersecurity researchers have shed light on the inner workings of a botnet malware called PolarEdge
Thousands of ASUS routers have been infected and are believed to be part of a wide-ranging ORB network affecting devices from Linksys, D-Link, QNAP, and Araknis Network.
A new malware campaign has been observed targeting edge devices from Cisco, ASUS, QNAP, and Synology to rope them into a botnet named PolarEdge since at least the end of 2023
QNAP has fixed six rsync vulnerabilities that could let attackers gain remote code execution on unpatched Network Attached Storage (NAS) devices. [...]
Exploits Could Allow Remote Command Execution and AccessThe Taiwanese NAS maker QNAP Systems on Saturday patched multiple flaws in its operating system and applications that could allow attackers to compromise network storage devices. The patch also included multiple flaws in QNAP's router operating system QuRouter OS.
Just what you want to find when you start a new week Taiwanese NAS maker QNAP addressed 24 vulnerabilities across various products over the weekend.…
QNAP has released security bulletins over the weekend, which address multiple vulnerabilities, including three critical severity flaws that users should address as soon as possible. [...]
QNAP has pulled a recently released firmware update after widespread customer reports that it's breaking connectivity and, in some cases, locking users out of their devices. [...]
QNAP has fixed a second zero-day vulnerability exploited at the Pwn2Own Ireland 2024 hacking contest to gain a root shell and take over a TS-464 NAS device. [...]
QNAP has fixed a critical zero-day vulnerability exploited by security researchers on Thursday to hack a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. [...]
The third day of Pwn2Own Ireland 2024 continued to showcase the expertise of white hat hackers as they exposed 11 zero-day vulnerabilities, adding $124,750 to the total prize pool, which now stands at $874,875. [...]
The third day of Pwn2Own Ireland 2024 continued to showcase the expertise of white hat hackers as they exposed 11 zero-day vulnerabilities, adding $124,750 to the total prize pool, which now stands at $874,875. [...]
Taiwanese hardware vendor QNAP has added a Security Center with ransomware protection capabilities to the latest version of its QTS operating system for network-attached storage (NAS) devices. [...]
Taiwanese company QNAP has rolled out fixes for a set of medium-severity flaws impacting QTS and QuTS hero, some of which could be exploited to achieve code execution on its network-attached storage (NAS) appliances
An extensive security audit of QNAP QTS, the operating system for the company's NAS products, has uncovered fifteen vulnerabilities of varying severity, with eleven remaining unfixed. [...]
WatchTowr publishes report claiming vendor failed to issue fixes after four months Infosec boffins say they were forced to go public after QNAP failed to fix various vulnerabilities that were reported to it months ago.…
Taiwanese Hardware Manufacturer Fixes Improper Authentication FlawQNAP Systems on Saturday released a patch for a critical bug that allows unauthorized access to devices without authentication. The issue affects its QTS, QuTS hero, and QuTScloud products and potentially exposes network-attached storage devices to unauthorized access.
QNAP warns of vulnerabilities in its NAS software products, including QTS, QuTS hero, QuTScloud, and myQNAPcloud, that could allow attackers to access devices. [...]