CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Critical ASP.NET Core vulnerability in QNAP NetBak PC Agent

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

QNAP has warned users of a critical ASP.NET Core vulnerability affecting its NetBak PC Agent, a Windows utility for backing up data to QNAP NAS devices. The flaw, tracked as CVE-2025-55315, allows attackers with low privileges to hijack credentials or bypass security controls via HTTP request smuggling. Users are advised to update their systems to mitigate the risk. The vulnerability impacts systems running NetBak PC Agent due to its dependency on Microsoft ASP.NET Core components. Successful exploitation could lead to unauthorized access, data modification, or denial-of-service conditions.

Timeline

  1. 27.10.2025 18:55 1 articles · 23h ago

    QNAP issues warning about critical ASP.NET Core vulnerability in NetBak PC Agent

    QNAP has alerted users of a critical ASP.NET Core vulnerability affecting its NetBak PC Agent. The flaw, CVE-2025-55315, allows attackers to hijack credentials or bypass security controls. Users are advised to update their systems to mitigate the risk. The vulnerability impacts systems running NetBak PC Agent due to its dependency on Microsoft ASP.NET Core components. Successful exploitation could lead to unauthorized access, data modification, or denial-of-service conditions.

    Show sources
    Open in new tab

Information Snippets