Qnap: >> Netbak Replicator Security Vulnerabilities
An unquoted search path or element vulnerability has been reported to affect NetBak Replicator. If a local attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands.
We have already fixed the vulnerability in the following version:
NetBak Replicator 4.5.15.0807 and later
CVSS Score
7.8
EPSS Score
0.0
Published
2025-10-03
An unquoted service path vulnerability is reported to affect the service QVssService in QNAP NetBak Replicator. This vulnerability could allow an authorized but non-privileged local user to execute arbitrary code with elevated system privileges. QNAP have already fixed this issue in QNAP NetBak Replicator 4.5.12.1108.
CVSS Score
7.8
EPSS Score
0.0
Published
2019-12-04