Connect with us

Hi, what are you looking for?


QNAP NAS users should download this update immediately

PSA: Anyone using a QNAP NAS while running nginx and php-fpm should probably update its firmware now. QNAP has released a security update addressing an nginx vulnerability, the latest in a series of security issues facing the company since January.

The NAS company announced this week that it has fixed a vulnerability affecting PHP versions 7.1.x, 7.1.33, 7.2.x, 7.2.24, 7.3.x, and 7.3.11. Attackers could exploit it to gain remote execution on QNAP operating systems.

The affected OS versions include QTS 5.0 and 4.5, along with QuTS hero h5.0, 4.5, and c5.0. QTS 5.0.1 build 20220515 and later as well as QuTS hero h5.0.0.2069 build 20220614 and later are safe. The exploit only works in systems running nginx, which QNAP NAS systems don’t have installed by default.

To install the update, first log on to QTS, QuTS hero, or QuTScloud as administrator. Then, navigate to Control Panel > System > Firmware Update. Select Live Update > Check for Update. Users can also manually download the update from QNAP’s website.

This problem isnt related to the Deadbolt ransomware attacks that have hit QNAP NAS users over the last several months. The company caught some flak for forcing auto-updates through its complex multi-layered firmware system in response, which caused unexpected data loss for some users.

QNAP detected another Deadbolt campaign last week, but its latest firmware isnt vulnerable.

Advertisement. Scroll to continue reading.

Click to comment

Leave a Reply


Top Stories

The Los Angeles Times reported Friday that recently opened NFT-themed burger joint Bored & Hungry no longer accepts cryptocurrency as a form of payment...

Online Business Success

Finance Minsiter Miftah Ismail delivers the budget widening speech in the National Assembly on June 24, 2022. Screengrab Govt withdraws tax relief to salaried...

Top Stories

Bitcoin hit a 2022 low at $17,580 on June 18 and many traders are hopeful that this was the bottom, but (BTC) has been...

Top Stories

Chainalysis head of international policy Caroline Malcolm expects Australia’s new rules governing crypto advertising, promotion and consumer safeguards to follow a similar path to...

Top Stories

A YouTuber started traveling the world to see whether he could survive solely on Bitcoin as a means of payment. In the latest episode...


GamesBeat’s Rachel Kaser is furious about the Supreme Court’s failure to protect her rights and freedom. What’s the games industry gonna do?Read More


You May Also Like


Introductions get a lot of attention. I’ve explored the topic of how to write them even though as a reader, I always skip them....

Online Business Success

The internet is now our nervous system. We are constantly streaming and buying and watching and liking, our brains locked into the global information...

SEO Guide

There are all kinds of pictures of the world on the internet, but to find one of these specific pictures that you want to...

Online Business Success

You can think of link building in many ways. I like to call it tedious, painful, and a test of patience. It’s also necessary...