Network-attached storage (NAS) specialist QNAP has disclosed and released fixes for two new vulnerabilities, one of them a zero-day discovered in early November. The Taiwanese company's coordinated disclosure of the issues with researchers at Unit 42 by Palo Alto Networks has, however, led to some confusion over the severity of the security problem. QNAP assigned CVE-2023-50358 a middling 5.8-out-of-10 severity score, the breakdown of which revealed it was classified as a high-complexity attack ...