- Remote Code Execution
- Information Disclosure
- Security Restriction Bypass
System / Technologies affected
- NVR Storage Expansion version prior to 1.0.6 (2021/08/03)
- QGD-1600P: QuNetSwitch version prior to 18.104.22.1689
- QGD-1602P: QuNetSwitch version prior to 22.214.171.1249
- QGD-3014PT: QuNetSwitch version prior to 126.96.36.1999
- QSW-M2116P-2T2S 1.0.6 build prior to 210713
- QTS 188.8.131.523 build prior to 20210624
- QTS 184.108.40.2060 build prior to 20210730
- QTS 4.3.6: QUSBCam2 version prior to 1.1.4 ( 2021/07/30 )
- QTS 220.127.116.115 build prior to 20210630
- QTS 4.5.4: QUSBCam2 version prior to 1.1.4 (2021/07/30)
- QTS 18.104.22.1686 build prior to 20210701
- QuTS hero h4.5.3: QUSBCam2 version prior to 1.1.4 (2021/07/30)
- QuTS hero h22.214.171.1241 build prior to 20210825
- QuTScloud c126.96.36.1995 build prior to 20210809
- QuTScloud version prior to c188.8.131.525
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor:
NVR Storage Expansion 1.0.6 (2021/08/03) and later
QGD-1600P: QuNetSwitch 184.108.40.2069 and later
QGD-1602P: QuNetSwitch 220.127.116.119 and later
QGD-3014PT: QuNetSwitch 18.104.22.1689 and later
QSW-M2116P-2T2S 1.0.6 build 210713 and later
QTS 22.214.171.1243 build 20210624 and later
QTS 126.96.36.1990 build 20210730 and later
QTS 4.3.6: QUSBCam2 1.1.4 ( 2021/07/30 ) and later
QTS 188.8.131.525 build 20210630 and later
QTS 4.5.4: QUSBCam2 1.1.4 (2021/07/30) and later
QTS 184.108.40.2066 build 20210701 and later
QuTS hero h4.5.3: QUSBCam2 1.1.4 (2021/07/30) and later
QuTS hero h220.127.116.111 build 20210825 and later
QuTScloud c18.104.22.1685 and later
QuTScloud c22.214.171.1245 build 20210809 and later
Updating QTS, QuTS hero, or QuTScloud
- Log on to QTS, QuTS hero, or QuTScloud as administrator.
- Go to Control Panel > System > Firmware Update.
- Under Live Update, click Check for Update.
QTS, QuTS hero, or QuTScloud downloads and installs the latest available update.
Tip: You can also download the update from the QNAP website. Go to Support > Download Center and then perform a manual update for your specific device.
Updating QUSBCam2, NVR Storage Expansion, or QuNetSwitch
- Log on to QTS or QuTS hero as administrator.
- Open the App Center and then click .
A search box appears.
- Type “QUSBCam2”, “NVR Storage Expansion“, or “QuNetSwitch” and then press ENTER.
QUSBCam2, NVR Storage Expansion, or QuNetSwitch appears in the search results.
- Click Update.
A confirmation message appears.
Note: The Update button is not available if your QUSBCam2, NVR Storage Expansion, or QuNetSwitch is already up to date.
- Click OK.
The application is updated.
Is your business effected by Cyber Crime?
If a cyber crime or cyber attack happens to you, you need to respond quickly. Cyber crime in its several formats such as online identity theft, financial fraud, stalking, bullying, hacking, e-mail fraud, email spoofing, invoice fraud, email scams, banking scam, CEO fraud. Cyber fraud can lead to major disruption and financial disasters. Digitpol can assist with all stages of cyber related incidents.
Contact Digitpol’s hotlines or respond to us online.
UK +44 20 8089 9944