Security News > 2024 > March > QNAP warns of critical auth bypass flaw in its NAS devices

QNAP warns of critical auth bypass flaw in its NAS devices
2024-03-08 20:03

QNAP warns of vulnerabilities in its NAS software products, including QTS, QuTS hero, QuTScloud, and myQNAPcloud, that could allow attackers to access devices.

NAS devices often store large amounts of valuable data for businesses and individuals, including sensitive personal information, intellectual property, and critical business data.

For all these reasons, NAS devices are often targeted for data theft and extortion.

Some ransomware operations previously known for targeting QNAP devices are DeadBolt, Checkmate, and Qlocker.

These groups have launched numerous attack waves against NAS users, sometimes leveraging zero-day exploits to breach fully patched devices.

JetBrains warns of new TeamCity auth bypass vulnerability.


News URL

https://www.bleepingcomputer.com/news/security/qnap-warns-of-critical-auth-bypass-flaw-in-its-nas-devices/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Qnap 80 4 97 122 76 299