Important updates secure Qnap’s NAS operating systems QES and QTS.

(Image: Tatiana Popova / Shutterstock.com)

Security gaps in the QES and QTS systems endanger several Qnap NAS models. The risk is generally considered to be ” high “. Secure versions are available for download.

The QES and QTS operating systems adapt their functions to different needs. For example, QES is used on network storage in companies. The system compresses data and offers snapshot functions.

If attackers successfully exploit the gaps, they could be used for For example, execute your own commands in the system or access information that is actually isolated. Due to a hard-coded password, attackers could access systems.

Update now! To bring a NAS up to date, you have to be logged in as an admin. In the “Control Panel” you can find the “Firmware Update” function under “System”. Qnap has compiled further information on the vulnerabilities and the secured QES and QTS versions in these warning messages:

Multiple Vulnerabilities in QES Command Injection Vulnerability in QES Hard-coded Password Vulnerability in QES Command Injection Vulnerability in QTS and QuTS hero (of)