QNAP has warned customers of security flaw (CVE-2019-11043) in some of their products. A remote attacker can exploit these vulnerabilities to trigger remote code execution on the targeted system. The vulnerability currently affects the following QNAP operating system - QuTScloud version c5.0.x, QTS versions 5.0.x, 4.5.x, QuTS hero versions h5.0.x, h4.5.x. Vulnerabilities were fixed in QTS 5.0.1.2034 build 20220515 and QuTS hero h5.0.0.2069 build 20220614.

More information on vulnerability and updates is available in QNAP security advisory – qnap.com.