QNAP Alerts Users to Critical ASP.NET Vulnerability in Backup Software
Originally Published 2 months ago — by BleepingComputer
QNAP has issued a warning about a critical security flaw in its Windows backup software and NetBak PC Agent, related to the CVE-2025-55315 vulnerability in ASP.NET Core, which could allow attackers to hijack credentials or bypass security controls. Users are advised to update their ASP.NET Core runtime or reinstall the affected applications to mitigate risks. This follows previous security updates QNAP released for other vulnerabilities in its backup solutions.