QNAP warns of critical ASP.NET flaw (CVE-2025-55315) in NetBak PC Agent, letting attackers hijack credentials or bypass security via HTTP smuggling. QNAP urges users to patch a critical ASP.NET Core vulnerability, tracked as CVE-2025-55315 (CVSS score of 9.9), in its NetBak PC Agent for Windows. The flaw resides in the Kestrel server and lets low-privilege […]
First seen on securityaffairs.com
Jump to article: securityaffairs.com/183951/security/critical-asp-net-flaw-hits-qnap-netbak-pc-agent.html
