QNAP - Geek Feed

QNAP fixes six Rsync vulnerabilities in NAS backup, recovery app

January 25, 2025January 25, 2025 geekfeed0Tagged Code Execution, Hybrid Backup Sync, QNAP, rce, Remote Code Execution, Rsync, vulnerability

QNAP has fixed six rsync vulnerabilities that could let attackers gain remote code execution on unpatched Network Attached Storage (NAS) devices. Rsync is an open-source file synchronization tool that supports direct file syncing via its daemon, SSH transfers via SSH, and incremental transfers that save time and bandwidth. It’s widely used by many backup solutions […]

2 mins read

QNAP patches second zero-day exploited at Pwn2Own to get root

October 31, 2024October 31, 2024 geekfeed0Tagged NAS, Pwn2Own, Pwn2Own to get root, QNAP, SMB, Zero-Day

QNAP has released security patches for a second zero-day bug exploited by security researchers during last week’s Pwn2Own hacking contest. This critical SQL injection (SQLi) vulnerability, tracked as CVE-2024-50387, was found in QNAP’s SMB Service and is now fixed in versions 4.15.002 or later and h4.15.002 and later. The zero-day flaw was patched one week after […]

2 mins read