DeviceSunsetCheck
FR

QNAP

QNAP TS-251: active CVEs, secure or migrate

The QNAP TS-251 was targeted by ransomware campaigns (QLocker, DeadBolt) exploiting CVEs in QTS. The model remains usable with an up-to-date QTS and no Internet exposure.

Risk level
High risk
Category
NAS and storage
Last reviewed
2026-05-23
Confidence
medium

Support status

Check the installed QTS version and consult QNAP security advisories for this model.

Typical symptoms

  • Files encrypted with .deadbolt or .qlocker extension
  • NAS exposed on public ports 8080/443
  • QTS on old unpatched version

Fixes to try

  • Update QTS immediately
  • Disable port forwarding and use VPN
  • Enable QNAP firewall and security notifications

Alternatives

  • QNAP TS-264 (more powerful processor)
  • Synology DS223 (QTS replaced by DSM)
  • Hybrid cloud solution Wasabi + local client

Affiliate links appear only when an approved replacement offer is configured.

Sources to verify