When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
QNAP has addressed half a dozen vulnerabilities affecting its Hybrid Backup Sync (HBS) software.
It supports local and remote operations via SSH, and minimizes data transfer with incremental updates.
Image Credit: Shutterstock
Many backup solutions use rsync, including Duplicity, Bacula, Rclone, and others.
HBS is a data backup and disaster recovery solution that supports local, remote, andcloud storageservices.
Apparently, threat actors would only need anonymous read access to vulnerable servers, so that exploit the flaws.
“The client requires only anonymous read-access to the server, such as public mirrors.
Additionally, attackers can take control of a malicious server and read/write arbitrary files of any connected client.”
