Home/QNAP/NAS / Expansion/TS-1270U-RP

TS-1270U-RP

QNAP Storage · NAS / Expansion Series

High confidence Official QNAP notice ↗ Verified
TS-1270U-RP is dead. QNAP support ended (-1386d). Replacement: TS-1273AU-RP.

Is the TS-1270U-RP still supported?

No. QNAP ended support for the TS-1270U-RP on 2022-10-01. No further security fixes will be issued. See QNAP's lifecycle bulletin.

When does the TS-1270U-RP reach end of support?

QNAP support for the TS-1270U-RP ends on 2022-10-01.

What replaces the TS-1270U-RP?

QNAP lists the TS-1273AU-RP as the successor.

What known-exploited CVEs apply to the TS-1270U-RP past end of support?

10 CVEs in CISA's Known Exploited Vulnerabilities catalog apply to the platform the TS-1270U-RP runs. These will not be patched on this device because it is past the QNAP security-support date. See the Known Exploited Vulnerabilities table below for the full list.

Replaced by TS-1273AU-RP

Known Exploited Vulnerabilities

This device is past QNAP's security-support date. 10 CVEs in CISA's Known Exploited Vulnerabilities catalog apply to the platform it runs. QNAP is not issuing patches for this model. Isolate, compensate, or refresh.

CVE KEV added Vulnerability Flags
CVE-2022-27593 QNAP Photo Station Externally Controlled Reference Vulnerability Ransomware
CVE-2019-7195 QNAP Photo Station Path Traversal Vulnerability Ransomware
CVE-2019-7194 QNAP Photo Station Path Traversal Vulnerability Ransomware
CVE-2019-7193 QNAP QTS Improper Input Validation Vulnerability Ransomware
CVE-2019-7192 QNAP Photo Station Improper Access Control Vulnerability Ransomware
CVE-2018-19953 QNAP NAS File Station Cross-Site Scripting Vulnerability Ransomware
CVE-2018-19949 QNAP NAS File Station Command Injection Vulnerability Ransomware
CVE-2018-19943 QNAP NAS File Station Cross-Site Scripting Vulnerability Ransomware
CVE-2020-2509 QNAP Network-Attached Storage (NAS) Command Injection Vulnerability
CVE-2021-28799 QNAP NAS Improper Authorization Vulnerability Ransomware

Source: CISA Known Exploited Vulnerabilities catalog. The Ransomware flag reflects CISA's own knownRansomwareCampaignUse field, set when the CVE has been observed in ransomware campaigns per their threat intel. It's not a property of the vulnerability description itself.

Correlation is at the platform level, not per-OS-version. Not exhaustive: KEV only lists actively-exploited CVEs and many relevant unexploited vulnerabilities are not here. Verify against vendor security advisories (PSIRT, JSA, PAN-SA) and NVD before acting. See compensating controls if refresh isn't immediate.

TS-1270U-RP Lifecycle Overview

The QNAP TS-1270U-RP is a storage product in the QNAP NAS / Expansion series. This product has reached end of life as of , meaning QNAP no longer provides technical support, software updates, or hardware replacement for this product. Organizations still running the TS-1270U-RP should plan a migration to TS-1273AU-RP.

Lifecycle Milestones

End of software maintenance 8y 4mo ago
End of security vulnerability support 3y 10mo ago
Last date of support 3y 10mo ago
Applicable Platforms
↑ Top