CVE-2025-66277

🗓️ 11 Feb 2026 12:15:43Reported by qnapType

CVE-2025-66277 affects QTS and QuTS hero; remote file system traversal fixed in specified builds.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2025-66277	11 Feb 202612:15	–	attackerkb
Circl	CVE-2025-66277	11 Feb 202619:02	–	circl
CNNVD	QNAP Systems QTS和QNAP Systems QuTS hero 后置链接漏洞	11 Feb 202600:00	–	cnnvd
Cvelist	CVE-2025-66277 QTS, QuTS hero	11 Feb 202612:15	–	cvelist
NVD	CVE-2025-66277	11 Feb 202613:15	–	nvd
Positive Technologies	PT-2026-7574	11 Feb 202600:00	–	ptsecurity
RedhatCVE	CVE-2025-66277	12 Feb 202613:43	–	redhatcve
Tenable Nessus	Qnap QTS and QuTS Improper Link Resolution Before File Access (CVE-2025-66277)	9 Mar 202600:00	–	nessus
Vulnrichment	CVE-2025-66277 QTS, QuTS hero	11 Feb 202612:15	–	vulnrichment

NVD

Node

qnap qtsMatch5.2.0.2737build_20240417

qnap qtsMatch5.2.0.2744build_20240424

qnap qtsMatch5.2.0.2782build_20240601

qnap qtsMatch5.2.0.2802build_20240620

qnap qtsMatch5.2.0.2823build_20240711

qnap qtsMatch5.2.0.2851build_20240808

qnap qtsMatch5.2.0.2860build_20240817

qnap qtsMatch5.2.1.2930build_20241025

qnap qtsMatch5.2.2.2950build_20241114

qnap qtsMatch5.2.3.3006build_20250108

qnap qtsMatch5.2.4.3070build_20250312

qnap qtsMatch5.2.4.3079build_20250321

qnap qtsMatch5.2.4.3092build_20250403

qnap qtsMatch5.2.5.3145build_20250526

qnap qtsMatch5.2.6.3195build_20250715

qnap qtsMatch5.2.6.3229build_20250818

qnap qtsMatch5.2.7.3256build_20250913

qnap qtsMatch5.2.7.3297build_20251024

qnap qtsMatch5.2.8.3332build_20251128

Node

qnap quts_heroMatchh5.2.0.2737build_20240417

qnap quts_heroMatchh5.2.0.2782build_20240601

qnap quts_heroMatchh5.2.0.2789build_20240607

qnap quts_heroMatchh5.2.0.2802build_20240620

qnap quts_heroMatchh5.2.0.2823build_20240711

qnap quts_heroMatchh5.2.0.2851build_20240808

qnap quts_heroMatchh5.2.0.2860build_20240817

qnap quts_heroMatchh5.2.1.2929build_20241025

qnap quts_heroMatchh5.2.1.2940build_20241105

qnap quts_heroMatchh5.2.2.2952build_20241116

qnap quts_heroMatchh5.2.3.3006build_20250108

qnap quts_heroMatchh5.2.4.3070build_20250312

qnap quts_heroMatchh5.2.4.3079build_20250321

qnap quts_heroMatchh5.2.5.3138build_20250519

qnap quts_heroMatchh5.2.6.3195build_20250715

qnap quts_heroMatchh5.2.7.3256build_20250913

qnap quts_heroMatchh5.2.7.3297build_20251024

qnap quts_heroMatchh5.2.8.3321build_20251117

[
  {
    "defaultStatus": "unaffected",
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "5.2.8.3350 build 20251216",
        "status": "affected",
        "version": "5.2.x",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QuTS hero",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "h5.3.2.3354 build 20251225",
        "status": "affected",
        "version": "h5.3.x",
        "versionType": "custom"
      },
      {
        "lessThan": "h5.2.8.3350 build 20251216",
        "status": "affected",
        "version": "h5.2.x",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
qnap	www.qnap.com/en/security-advisory/qsa-26-05

12 Feb 2026 17:01Current

5.5Medium risk

Vulners AI Score5.5

CVSS 3.19.8

CVSS 49.2

EPSS0.00093

SSVC

CWE-59