<ul><li>QNAP addressed the second zero-day vulnerability demonstrated by security researchers during the recent Pwn2Own Ireland 2024.</li><li>The vulnerability is a SQL injection (SQLi) issue that impacts the QNAP's SMB Service.</li><li>The researcher YingMuo (@YingMuo) of the DEVCORE Internship Program exploited the vulnerability to achieve a root shell on the QNAP TS-464 NAS.</li><li>QNAP also addressed another critical zero-day vulnerability, an OS command injection issue in HBS 3 Hybrid Backup Sync.</li></ul>

QNAP fixed second zero-day demonstrated at Pwn2Own Ireland 2024

Discover more