4 matches found
CVE-2025-47205
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
CVE-2025-62852 QTS, QuTS hero
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Q...
CVE-2025-59381
CVE-2025-59381 describes a path traversal vulnerability in QNAP QTS and QuTS hero affected versions prior to the fixes. The flaw allows an administrator-level attacker to read arbitrary files or system data due to improper validation of pathnames. Affected: QTS up to 5.2.8.3332 build 20251128 and...
PT-2026-1096
Name of the Vulnerable Software and Affected Versions QNAP versions prior to QTS 5.2.8.3332 build 20251128 QNAP versions prior to QuTS hero h5.2.8.3321 build 20251117 Description A path traversal issue exists in QNAP operating systems. A remote attacker with administrator privileges can potential...