ZDI-26-292: QNAP TS-453E QVRPro excpostgres Exposed Dangerous Method Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP TS-453E devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2026-22898.
ORIGINAL SOURCE →via Zero Day Initiative
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Lazarus Lures Developers With Backdoored Coding Tests
- [CYBER] Recent Microsoft Defender Vulnerability Exploited as Zero-Day
- [CYBER] Microsoft Graph API misused by new GoGra Linux malware for hidden communication
- [CYBER] Xinference PyPI Breach Exposes Developers to Cloud Credential Theft
- [CYBER] Any Chance Something Happened?
- [CYBER] Fake Wallpaper App, YouTube Channel Used to Spread notnullOSX Malware