QNAP NAS Multiple Vulnerabilities
Release Date:
10 Mar 2025
219
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in QNAP NAS. A remote attacker could exploit some of these vulnerabilities to trigger spoofing, security restriction bypass, denial of service condition, remote code execution, sensitive information disclosure and data manipulation on the targeted system.
Impact
- Remote Code Execution
- Denial of Service
- Information Disclosure
- Data Manipulation
- Security Restriction Bypass
- Spoofing
System / Technologies affected
- File Station 5 version 5.5.x
- HBS 3 Hybrid Backup Sync 25.1.x
- Helpdesk 3.3.x
- Qfinder Pro for Mac 7.11.x
- Qsync Client for Mac 5.1.x
- QTS 4.5.x
- QTS 5.1.x
- QTS 5.2.x
- QuLog Center 1.7.x
- QuLog Center 1.8.x
- QuRouter 2.4.x
- QuTS hero h4.5.x
- QuTS hero h5.1.x
- QuTS hero h5.2.x
- QuTS hero h5.x
- QVPN Device Client for Mac 2.2.x
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://www.qnap.com/en/security-advisory/qsa-24-51
- https://www.qnap.com/en/security-advisory/qsa-24-53
- https://www.qnap.com/en/security-advisory/qsa-24-52
- https://www.qnap.com/en/security-advisory/qsa-24-54
- https://www.qnap.com/en/security-advisory/qsa-24-55
- https://www.qnap.com/en/security-advisory/qsa-25-01
- https://www.qnap.com/en/security-advisory/qsa-25-03
- https://www.qnap.com/en/security-advisory/qsa-25-05
- https://www.qnap.com/en/security-advisory/qsa-25-06
- https://www.qnap.com/en/security-advisory/qsa-25-07
Vulnerability Identifier
- CVE-2024-13086
- CVE-2024-38638
- CVE-2024-48864
- CVE-2024-50390
- CVE-2024-50394
- CVE-2024-50405
- CVE-2024-53692
- CVE-2024-53693
- CVE-2024-53694
- CVE-2024-53695
- CVE-2024-53696
- CVE-2024-53697
- CVE-2024-53698
- CVE-2024-53699
- CVE-2024-53700
Source
Related Link
- https://www.qnap.com/en/security-advisory/qsa-24-51
- https://www.qnap.com/en/security-advisory/qsa-24-53
- https://www.qnap.com/en/security-advisory/qsa-24-52
- https://www.qnap.com/en/security-advisory/qsa-24-54
- https://www.qnap.com/en/security-advisory/qsa-24-55
- https://www.qnap.com/en/security-advisory/qsa-25-01
- https://www.qnap.com/en/security-advisory/qsa-25-03
- https://www.qnap.com/en/security-advisory/qsa-25-05
- https://www.qnap.com/en/security-advisory/qsa-25-06
- https://www.qnap.com/en/security-advisory/qsa-25-07
Related Tags
Share with