8 matches found
CVE-2025-66277
A link following vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to traverse the file system to unintended locations. We have already fixed the vulnerability in the following versions: QTS 5.2.8.3350 build...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2025-53591)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
CVE-2025-48721
CVE-2025-48721 describes a buffer overflow affecting QNAP OS such as QTS and QuTS hero. Connected documents confirm a vulnerability where a remote attacker who already has an administrator account can trigger memory modification or process crashes. The issue is mitigated by fixes introduced in QT...
CVE-2025-52430
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-62847
An improper neutralization of argument delimiters in a command vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to alter execution logic. We have already fixed the vulnerability in the following versions: QTS...
QNAP QTS和QNAP QuTS hero 路径遍历漏洞
QNAP QTS is a NAS operating system developed by QNAPSystems, Inc. designed for network attached storage devices, providing data management, backup, multimedia entertainment, etc. QNAP QuTS hero is an enterprise-grade operating system developed by QNAP for its networked storage devices NAS, which ...
PT-2024-19118 · Qnap · Qnap Qts +2
Name of the Vulnerable Software and Affected Versions: QNAP QTS versions prior to 5.1.3.2578 build 20231110 QNAP QuTS hero versions prior to 5.1.3.2578 build 20231110 QNAP QuTScloud versions prior to 5.1.5.2651 Description: An integer overflow or wraparound issue has been reported to affect sever...
PT-2024-13926 · Qnap · Qnap Qts +1
Name of the Vulnerable Software and Affected Versions: QNAP QTS versions prior to 5.1.6.2722 build 20240402 QNAP QuTS hero versions prior to h5.1.6.2734 build 20240414 Description: An incorrect authorization issue has been reported, affecting several QNAP operating system versions. If exploited,...