4 matches found
CVE-2025-30274 QTS, QuTS hero
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later...
CVE-2025-30271
The CVE-2025-30271 entry describes a path-traversal vulnerability affecting QNAP QTS and QuTS hero. A remote attacker who has an existing user account could read contents of unexpected files or system data. The issue has been addressed in fixed releases: QTS 5.2.5.3145 build 20250526 and later, a...
CVE-2025-30267 QTS, QuTS hero
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following...
CVE-2025-30264 QTS, QuTS hero
A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145...