Cyber Security News

QNAP warns of critical ASP.NET flaw in its Windows backup software

BleepingComputer
QNAP warns of critical ASP.NET flaw in its Windows backup software

QNAP issues a security warning urging users to patch a critical ASP.NET Core vulnerability (CVE-2025-55315) that affects the NetBak PC Agent, risking credential hijacking and security bypass. Applying the latest updates mitigates potential exploitation by attackers targeting ASP.NET applications. #CVE-2025-55315 #ASP.NETCore

Keypoints

  • QNAP warns about a critical ASP.NET Core security vulnerability affecting the NetBak PC Agent.
  • The flaw, CVE-2025-55315, allows low-privilege attackers to hijack credentials and bypass security controls.
  • Users must update ASP.NET Core runtimes manually or by reinstalling the NetBak PC Agent.
  • Successful exploitation can lead to unauthorized data access, server file modification, or DoS conditions.
  • Earlier in the year, QNAP also patched multiple rsync vulnerabilities in its backup solutions.

Read More: https://www.bleepingcomputer.com/news/security/qnap-warns-its-windows-backup-software-is-also-affected-by-critical-aspnet-flaw/

SHARE THIS STORY

WhatsAppX (Twitter)TelegramBlueskyFacebookLinkedInThreadsEmailPrint