19 matches found
Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-44013)
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following...
PT-2026-1069
Name of the Vulnerable Software and Affected Versions QNAP versions prior to QTS 5.2.6.3195 build 20250715 QNAP versions prior to QuTS hero h5.2.6.3195 build 20250715 Description A flaw exists where a remote attacker, having obtained a user account, could trigger a denial-of-service DoS condition...
CVE-2025-52860
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-48729
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-48727
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-47212
A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...
CVE-2025-52432
CVE-2025-52432 is a NULL pointer dereference vulnerability reported to affect QNAP QTS and QuTS Hero OS versions. According to the provided documents, a remote attacker who gains an administrator account can exploit this flaw to cause a denial-of-service (DoS). Fixes are available in QTS 5.2.6.31...
EUVD-2025-32368
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-48726
CVE-2025-48726 affects QNAP QTS and QuTS hero. A NULL pointer dereference vulnerability can be exploited by an attacker who has an administrator account to cause a denial-of-service (DoS). Affected products include QTS and QuTS hero releases prior to the patched versions. The published fix commit...
EUVD-2025-32349
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-47214 QTS
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-47213 QTS, QuTS hero
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-47212 QTS, QuTS hero
A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...
CVE-2025-47212 QTS, QuTS hero
A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...
EUVD-2025-32353
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the...
PT-2025-40582
Name of the Vulnerable Software and Affected Versions QNAP versions prior to QTS 5.2.6.3195 build 20250715 QNAP versions prior to QuTS hero h5.2.6.3195 build 20250715 Description A flaw exists where a remote attacker with administrator privileges can trigger a denial-of-service DoS condition...
PT-2025-40562
Name of the Vulnerable Software and Affected Versions QNAP versions prior to 5.2.6.3195 build 20250715 QNAP QuTS hero versions prior to 5.2.6.3195 build 20250715 Description A flaw exists that could allow a remote attacker with administrator privileges to trigger a denial-of-service DoS condition...
PT-2025-40581
Name of the Vulnerable Software and Affected Versions QNAP QTS versions prior to 5.2.6.3195 build 20250715 QNAP QuTS hero versions prior to 5.2.6.3195 build 20250715 Description A NULL pointer dereference issue exists in QNAP operating systems. A remote attacker gaining administrator access can...
PT-2025-40560
Name of the Vulnerable Software and Affected Versions QNAP versions prior to 5.2.6.3195 build 20250715 Description A flaw exists where a remote attacker, having obtained administrator privileges, could trigger a denial-of-service DoS condition due to a NULL pointer dereference. Recommendations...