Compatibility

• QTS 4.3.3 is the final available firmware version for the following NAS models: TS-112P, TAS-168, TAS-268. QNAP will keep releasing security updates for these models until the end of support. For details, see https://www.qnap.com/en/product/eol.php.

Important Notes

• For the status of QTS updates and maintenance for your NAS model, visit https://www.qnap.com/en/product/eol.php

Fixed Issues

• Fixed a local security bypass vulnerability in ProFTPD (CVE-2017-7418).
• Fixed a NULL pointer dereference vulnerability in ProFTPD (CVE-2019-19269).
• Fixed an improper certificate validation vulnerability in ProFTPD (CVE-2019-19270).
• Fixed a denial of service vulnerability in ProFTPD (CVE-2019-18217).
• Fixed a NULL pointer dereference vulnerability in ProFTPD (CVE-2019-19272).
• Fixed an improper certificate validation vulnerability in ProFTPD (CVE-2019-19271).
• Fixed a use-after-free vulnerability in ProFTPD that could be exploited for arbitrary code execution (CVE-2020-9273).
• Fixed an out-of-bounds read vulnerability in ProFTPD (CVE-2020-9272).
• Fixed a UDP flood denial-of-service vulnerability in Samba Active Directory Domain Controller (AD DC).
• Fixed a resource exhaustion vulnerability in Samba Active Directory domain controller (CVE-2020-10745).