6 matches found
CVE-2025-59386
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-66274
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-59386
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-66274
CVE-2025-66274 affects QNAP QTS and QuTS hero; a NULL pointer dereference allows a remote attacker with administrator privileges to trigger a DoS. Remediation: upgrade to QuTS hero h5.3.2.3354 build 20251225 or later (and affected QTS versions). Exploitation details are described as remote with a...
CVE-2025-66274 QuTS hero
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-66277
CVE-2025-66277 is a high-severity, network-exploitable vulnerability in several QNAP OS platforms where a crafted link can enable filesystem traversal to unintended locations. The CVE lists a root cause related to path traversal within a link-following component and indicates a modified impact on...