QNAP Patches Critical Flaw in HBS 3 to Prevent Remote Attacks

Red | Vulnerability Report
Download PDF

QNAP has patched a critical vulnerability, tracked as CVE-2024-50388, that was exploited to hack a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. This vulnerability pertains to OS command injection within HBS 3 Hybrid Backup Sync version 25.1.x, which is QNAP’s solution for disaster recovery and data backup.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox