CVE-2025-59380

🗓️ 02 Jan 2026 15:18:56Reported by qnapType

Path traversal in QTS and QuTS hero lets an admin read system files; fixed in later builds.

Reporter	Title	Published	Views	Family All 8
CNNVD	QNAP Systems QTS和QNAP Systems QuTS hero 路径遍历漏洞	2 Jan 202600:00	–	cnnvd
Cvelist	CVE-2025-59380 QTS, QuTS hero	2 Jan 202615:18	–	cvelist
EUVD	EUVD-2026-0668	2 Jan 202615:18	–	euvd
NVD	CVE-2025-59380	2 Jan 202616:16	–	nvd
Positive Technologies	PT-2026-1096	2 Jan 202600:00	–	ptsecurity
RedhatCVE	CVE-2025-59380	3 Jan 202615:54	–	redhatcve
Tenable Nessus	Qnap QTS and QuTS hero Improper Limitation of a Pathname to a Restricted Directory (CVE-2025-59380)	20 Jan 202600:00	–	nessus
Vulnrichment	CVE-2025-59380 QTS, QuTS hero	2 Jan 202615:18	–	vulnrichment

NVD

CNA

Node

qnap qtsMatch5.2.0.2737build_20240417

qnap qtsMatch5.2.0.2744build_20240424

qnap qtsMatch5.2.0.2782build_20240601

qnap qtsMatch5.2.0.2802build_20240620

qnap qtsMatch5.2.0.2823build_20240711

qnap qtsMatch5.2.0.2851build_20240808

qnap qtsMatch5.2.0.2860build_20240817

qnap qtsMatch5.2.1.2930build_20241025

qnap qtsMatch5.2.2.2950build_20241114

qnap qtsMatch5.2.3.3006build_20250108

qnap qtsMatch5.2.4.3070build_20250312

qnap qtsMatch5.2.4.3079build_20250321

qnap qtsMatch5.2.4.3092build_20250403

qnap qtsMatch5.2.5.3145build_20250526

qnap qtsMatch5.2.6.3195build_20250715

qnap qtsMatch5.2.6.3229build_20250818

qnap qtsMatch5.2.7.3256build_20250913

qnap qtsMatch5.2.7.3297build_20251024

Node

qnap quts_heroMatchh5.2.0.2737build_20240417

qnap quts_heroMatchh5.2.0.2782build_20240601

qnap quts_heroMatchh5.2.0.2789build_20240607

qnap quts_heroMatchh5.2.0.2802build_20240620

qnap quts_heroMatchh5.2.0.2823build_20240711

qnap quts_heroMatchh5.2.0.2851build_20240808

qnap quts_heroMatchh5.2.0.2860build_20240817

qnap quts_heroMatchh5.2.1.2929build_20241025

qnap quts_heroMatchh5.2.1.2940build_20241105

qnap quts_heroMatchh5.2.2.2952build_20241116

qnap quts_heroMatchh5.2.3.3006build_20250108

qnap quts_heroMatchh5.2.4.3070build_20250312

qnap quts_heroMatchh5.2.4.3079build_20250321

qnap quts_heroMatchh5.2.5.3138build_20250519

qnap quts_heroMatchh5.2.6.3195build_20250715

qnap quts_heroMatchh5.2.7.3256build_20250913

qnap quts_heroMatchh5.2.7.3297build_20251024

qnap quts_heroMatchh5.3.0.3115build_20250430

qnap quts_heroMatchh5.3.0.3145build_20250530

qnap quts_heroMatchh5.3.0.3192build_20250716

[
  {
    "defaultStatus": "unaffected",
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "5.2.8.3332 build 20251128",
        "status": "affected",
        "version": "5.2.x",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QuTS hero",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "h5.2.8.3321 build 20251117",
        "status": "affected",
        "version": "h5.2.x",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
qnap	www.qnap.com/en/security-advisory/qsa-25-51

06 Jan 2026 13:58Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.14.9

CVSS 46.9

EPSS0.00017

SSVC

CWE-22