Search criteria
668 vulnerabilities found for quts_hero by qnap
CVE-2025-59380 (GCVE-0-2025-59380)
Vulnerability from nvd – Published: 2026-01-02 15:18 – Updated: 2026-01-02 19:10
VLAI?
Title
QTS, QuTS hero
Summary
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data.
We have already fixed the vulnerability in the following versions:
QTS 5.2.8.3332 build 20251128 and later
QuTS hero h5.2.8.3321 build 20251117 and later
Severity ?
CWE
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QTS |
Affected:
5.2.x , < 5.2.8.3332 build 20251128
(custom)
|
|
| QNAP Systems Inc. | QuTS hero |
Affected:
h5.2.x , < h5.2.8.3321 build 20251117
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59380",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-02T19:10:16.565222Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T19:10:29.579Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QTS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "5.2.8.3332 build 20251128",
"status": "affected",
"version": "5.2.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "QuTS hero",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "h5.2.8.3321 build 20251117",
"status": "affected",
"version": "h5.2.x",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:qts:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.2.8.3332_build_20251128",
"versionStartIncluding": "5.2.x",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:quts_hero:*:*:*:*:*:*:*:*",
"versionEndExcluding": "h5.2.8.3321_build_20251117",
"versionStartIncluding": "h5.2.x",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "coral"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.8.3332 build 20251128 and later\u003cbr\u003eQuTS hero h5.2.8.3321 build 20251117 and later\u003cbr\u003e"
}
],
"value": "A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.8.3332 build 20251128 and later\nQuTS hero h5.2.8.3321 build 20251117 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T15:18:56.977Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-25-51"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.8.3332 build 20251128 and later\u003cbr\u003eQuTS hero h5.2.8.3321 build 20251117 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following versions:\nQTS 5.2.8.3332 build 20251128 and later\nQuTS hero h5.2.8.3321 build 20251117 and later"
}
],
"source": {
"advisory": "QSA-25-51",
"discovery": "EXTERNAL"
},
"title": "QTS, QuTS hero",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2025-59380",
"datePublished": "2026-01-02T15:18:56.977Z",
"dateReserved": "2025-09-15T08:35:00.659Z",
"dateUpdated": "2026-01-02T19:10:29.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-48721 (GCVE-0-2025-48721)
Vulnerability from nvd – Published: 2026-01-02 15:17 – Updated: 2026-01-02 19:13
VLAI?
Title
QTS, QuTS hero
Summary
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes.
We have already fixed the vulnerability in the following version:
QTS 5.2.8.3332 build 20251128 and later
Severity ?
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QTS |
Affected:
5.2.x , < 5.2.8.3332 build 20251128
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48721",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-02T19:12:59.630805Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T19:13:09.727Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QTS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "5.2.8.3332 build 20251128",
"status": "affected",
"version": "5.2.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Yuze Wu(h1J4cker)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eQTS 5.2.8.3332 build 20251128 and later\u003cbr\u003e"
}
],
"value": "A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes.\n\nWe have already fixed the vulnerability in the following version:\nQTS 5.2.8.3332 build 20251128 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 1.2,
"baseSeverity": "LOW",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T15:17:38.864Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-25-51"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eQTS 5.2.8.3332 build 20251128 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nQTS 5.2.8.3332 build 20251128 and later"
}
],
"source": {
"advisory": "QSA-25-51",
"discovery": "EXTERNAL"
},
"title": "QTS, QuTS hero",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2025-48721",
"datePublished": "2026-01-02T15:17:38.864Z",
"dateReserved": "2025-05-23T07:43:55.795Z",
"dateUpdated": "2026-01-02T19:13:09.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-9110 (GCVE-0-2025-9110)
Vulnerability from nvd – Published: 2026-01-02 15:17 – Updated: 2026-01-02 19:14
VLAI?
Title
QTS, QuTS hero
Summary
An exposure of sensitive system information to an unauthorized control sphere vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to read application data.
We have already fixed the vulnerability in the following versions:
QTS 5.2.8.3332 build 20251128 and later
QuTS hero h5.2.8.3321 build 20251117 and later
QuTS hero h5.3.1.3250 build 20250912 and later
Severity ?
CWE
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QTS |
Affected:
5.2.x , < 5.2.8.3332 build 20251128
(custom)
|
|
| QNAP Systems Inc. | QuTS hero |
Affected:
h5.2.x , < h5.2.8.3321 build 20251117
(custom)
Affected: h5.3.x , < h5.3.1.3250 build 20250912 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9110",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-02T19:14:27.110080Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T19:14:42.164Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QTS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "5.2.8.3332 build 20251128",
"status": "affected",
"version": "5.2.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "QuTS hero",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "h5.2.8.3321 build 20251117",
"status": "affected",
"version": "h5.2.x",
"versionType": "custom"
},
{
"lessThan": "h5.3.1.3250 build 20250912",
"status": "affected",
"version": "h5.3.x",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:qts:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.2.8.3332_build_20251128",
"versionStartIncluding": "5.2.x",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:quts_hero:*:*:*:*:*:*:*:*",
"versionEndExcluding": "h5.2.8.3321_build_20251117",
"versionStartIncluding": "h5.2.x",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:quts_hero:*:*:*:*:*:*:*:*",
"versionEndExcluding": "h5.3.1.3250_build_20250912",
"versionStartIncluding": "h5.3.x",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nanyu Zhong @ VARAS IIE"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An exposure of sensitive system information to an unauthorized control sphere vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to read application data.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.8.3332 build 20251128 and later\u003cbr\u003eQuTS hero h5.2.8.3321 build 20251117 and later\u003cbr\u003eQuTS hero h5.3.1.3250 build 20250912 and later\u003cbr\u003e"
}
],
"value": "An exposure of sensitive system information to an unauthorized control sphere vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to read application data.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.8.3332 build 20251128 and later\nQuTS hero h5.2.8.3321 build 20251117 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-131",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-131"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.7,
"baseSeverity": "LOW",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-497",
"description": "CWE-497",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T15:17:29.481Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-25-51"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.8.3332 build 20251128 and later\u003cbr\u003eQuTS hero h5.2.8.3321 build 20251117 and later\u003cbr\u003eQuTS hero h5.3.1.3250 build 20250912 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following versions:\nQTS 5.2.8.3332 build 20251128 and later\nQuTS hero h5.2.8.3321 build 20251117 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"source": {
"advisory": "QSA-25-51",
"discovery": "EXTERNAL"
},
"title": "QTS, QuTS hero",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2025-9110",
"datePublished": "2026-01-02T15:17:29.481Z",
"dateReserved": "2025-08-18T08:29:16.532Z",
"dateUpdated": "2026-01-02T19:14:42.164Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-57705 (GCVE-0-2025-57705)
Vulnerability from nvd – Published: 2026-01-02 14:57 – Updated: 2026-01-02 19:15
VLAI?
Title
QTS, QuTS hero
Summary
An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
Severity ?
CWE
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QTS |
Affected:
5.2.x , < 5.2.7.3256 build 20250913
(custom)
|
|
| QNAP Systems Inc. | QuTS hero |
Affected:
h5.2.x , < h5.2.7.3256 build 20250913
(custom)
Affected: h5.3.x , < h5.3.1.3250 build 20250912 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-57705",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-02T19:15:12.474457Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T19:15:26.326Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QTS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "5.2.7.3256 build 20250913",
"status": "affected",
"version": "5.2.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "QuTS hero",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "h5.2.7.3256 build 20250913",
"status": "affected",
"version": "h5.2.x",
"versionType": "custom"
},
{
"lessThan": "h5.3.1.3250 build 20250912",
"status": "affected",
"version": "h5.3.x",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:qts:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.2.7.3256_build_20250913",
"versionStartIncluding": "5.2.x",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:quts_hero:*:*:*:*:*:*:*:*",
"versionEndExcluding": "h5.2.7.3256_build_20250913",
"versionStartIncluding": "h5.2.x",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:quts_hero:*:*:*:*:*:*:*:*",
"versionEndExcluding": "h5.3.1.3250_build_20250912",
"versionStartIncluding": "h5.3.x",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "coral"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.3.1.3250 build 20250912 and later\u003cbr\u003e"
}
],
"value": "An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-131",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-131"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T14:57:17.408Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.3.1.3250 build 20250912 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"source": {
"advisory": "QSA-25-50",
"discovery": "EXTERNAL"
},
"title": "QTS, QuTS hero",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2025-57705",
"datePublished": "2026-01-02T14:57:17.408Z",
"dateReserved": "2025-08-18T08:29:27.067Z",
"dateUpdated": "2026-01-02T19:15:26.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-54166 (GCVE-0-2025-54166)
Vulnerability from nvd – Published: 2026-01-02 14:57 – Updated: 2026-01-02 19:16
VLAI?
Title
QTS, QuTS hero
Summary
An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
Severity ?
CWE
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QTS |
Affected:
5.2.x , < 5.2.7.3256 build 20250913
(custom)
|
|
| QNAP Systems Inc. | QuTS hero |
Affected:
h5.2.x , < h5.2.7.3256 build 20250913
(custom)
Affected: h5.3.x , < h5.3.1.3250 build 20250912 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54166",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-02T19:15:53.616736Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T19:16:09.640Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QTS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "5.2.7.3256 build 20250913",
"status": "affected",
"version": "5.2.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "QuTS hero",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "h5.2.7.3256 build 20250913",
"status": "affected",
"version": "h5.2.x",
"versionType": "custom"
},
{
"lessThan": "h5.3.1.3250 build 20250912",
"status": "affected",
"version": "h5.3.x",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:qts:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.2.7.3256_build_20250913",
"versionStartIncluding": "5.2.x",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:quts_hero:*:*:*:*:*:*:*:*",
"versionEndExcluding": "h5.2.7.3256_build_20250913",
"versionStartIncluding": "h5.2.x",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:quts_hero:*:*:*:*:*:*:*:*",
"versionEndExcluding": "h5.3.1.3250_build_20250912",
"versionStartIncluding": "h5.3.x",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "coral"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.3.1.3250 build 20250912 and later\u003cbr\u003e"
}
],
"value": "An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-540",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-540"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T14:57:05.534Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.3.1.3250 build 20250912 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"source": {
"advisory": "QSA-25-50",
"discovery": "EXTERNAL"
},
"title": "QTS, QuTS hero",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2025-54166",
"datePublished": "2026-01-02T14:57:05.534Z",
"dateReserved": "2025-07-17T08:05:28.816Z",
"dateUpdated": "2026-01-02T19:16:09.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-48721 (GCVE-0-2025-48721)
Vulnerability from cvelistv5 – Published: 2026-01-02 15:17 – Updated: 2026-01-02 19:13
VLAI?
Title
QTS, QuTS hero
Summary
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes.
We have already fixed the vulnerability in the following version:
QTS 5.2.8.3332 build 20251128 and later
Severity ?
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QTS |
Affected:
5.2.x , < 5.2.8.3332 build 20251128
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48721",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-02T19:12:59.630805Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T19:13:09.727Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QTS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "5.2.8.3332 build 20251128",
"status": "affected",
"version": "5.2.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Yuze Wu(h1J4cker)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eQTS 5.2.8.3332 build 20251128 and later\u003cbr\u003e"
}
],
"value": "A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes.\n\nWe have already fixed the vulnerability in the following version:\nQTS 5.2.8.3332 build 20251128 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 1.2,
"baseSeverity": "LOW",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T15:17:38.864Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-25-51"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eQTS 5.2.8.3332 build 20251128 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nQTS 5.2.8.3332 build 20251128 and later"
}
],
"source": {
"advisory": "QSA-25-51",
"discovery": "EXTERNAL"
},
"title": "QTS, QuTS hero",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2025-48721",
"datePublished": "2026-01-02T15:17:38.864Z",
"dateReserved": "2025-05-23T07:43:55.795Z",
"dateUpdated": "2026-01-02T19:13:09.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-9110 (GCVE-0-2025-9110)
Vulnerability from cvelistv5 – Published: 2026-01-02 15:17 – Updated: 2026-01-02 19:14
VLAI?
Title
QTS, QuTS hero
Summary
An exposure of sensitive system information to an unauthorized control sphere vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to read application data.
We have already fixed the vulnerability in the following versions:
QTS 5.2.8.3332 build 20251128 and later
QuTS hero h5.2.8.3321 build 20251117 and later
QuTS hero h5.3.1.3250 build 20250912 and later
Severity ?
CWE
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QTS |
Affected:
5.2.x , < 5.2.8.3332 build 20251128
(custom)
|
|
| QNAP Systems Inc. | QuTS hero |
Affected:
h5.2.x , < h5.2.8.3321 build 20251117
(custom)
Affected: h5.3.x , < h5.3.1.3250 build 20250912 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9110",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-02T19:14:27.110080Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T19:14:42.164Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QTS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "5.2.8.3332 build 20251128",
"status": "affected",
"version": "5.2.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "QuTS hero",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "h5.2.8.3321 build 20251117",
"status": "affected",
"version": "h5.2.x",
"versionType": "custom"
},
{
"lessThan": "h5.3.1.3250 build 20250912",
"status": "affected",
"version": "h5.3.x",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:qts:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.2.8.3332_build_20251128",
"versionStartIncluding": "5.2.x",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:quts_hero:*:*:*:*:*:*:*:*",
"versionEndExcluding": "h5.2.8.3321_build_20251117",
"versionStartIncluding": "h5.2.x",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:quts_hero:*:*:*:*:*:*:*:*",
"versionEndExcluding": "h5.3.1.3250_build_20250912",
"versionStartIncluding": "h5.3.x",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nanyu Zhong @ VARAS IIE"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An exposure of sensitive system information to an unauthorized control sphere vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to read application data.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.8.3332 build 20251128 and later\u003cbr\u003eQuTS hero h5.2.8.3321 build 20251117 and later\u003cbr\u003eQuTS hero h5.3.1.3250 build 20250912 and later\u003cbr\u003e"
}
],
"value": "An exposure of sensitive system information to an unauthorized control sphere vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to read application data.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.8.3332 build 20251128 and later\nQuTS hero h5.2.8.3321 build 20251117 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-131",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-131"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.7,
"baseSeverity": "LOW",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-497",
"description": "CWE-497",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T15:17:29.481Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-25-51"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.8.3332 build 20251128 and later\u003cbr\u003eQuTS hero h5.2.8.3321 build 20251117 and later\u003cbr\u003eQuTS hero h5.3.1.3250 build 20250912 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following versions:\nQTS 5.2.8.3332 build 20251128 and later\nQuTS hero h5.2.8.3321 build 20251117 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"source": {
"advisory": "QSA-25-51",
"discovery": "EXTERNAL"
},
"title": "QTS, QuTS hero",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2025-9110",
"datePublished": "2026-01-02T15:17:29.481Z",
"dateReserved": "2025-08-18T08:29:16.532Z",
"dateUpdated": "2026-01-02T19:14:42.164Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-57705 (GCVE-0-2025-57705)
Vulnerability from cvelistv5 – Published: 2026-01-02 14:57 – Updated: 2026-01-02 19:15
VLAI?
Title
QTS, QuTS hero
Summary
An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
Severity ?
CWE
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QTS |
Affected:
5.2.x , < 5.2.7.3256 build 20250913
(custom)
|
|
| QNAP Systems Inc. | QuTS hero |
Affected:
h5.2.x , < h5.2.7.3256 build 20250913
(custom)
Affected: h5.3.x , < h5.3.1.3250 build 20250912 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-57705",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-02T19:15:12.474457Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T19:15:26.326Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QTS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "5.2.7.3256 build 20250913",
"status": "affected",
"version": "5.2.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "QuTS hero",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "h5.2.7.3256 build 20250913",
"status": "affected",
"version": "h5.2.x",
"versionType": "custom"
},
{
"lessThan": "h5.3.1.3250 build 20250912",
"status": "affected",
"version": "h5.3.x",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:qts:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.2.7.3256_build_20250913",
"versionStartIncluding": "5.2.x",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:quts_hero:*:*:*:*:*:*:*:*",
"versionEndExcluding": "h5.2.7.3256_build_20250913",
"versionStartIncluding": "h5.2.x",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:quts_hero:*:*:*:*:*:*:*:*",
"versionEndExcluding": "h5.3.1.3250_build_20250912",
"versionStartIncluding": "h5.3.x",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "coral"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.3.1.3250 build 20250912 and later\u003cbr\u003e"
}
],
"value": "An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-131",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-131"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T14:57:17.408Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.3.1.3250 build 20250912 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"source": {
"advisory": "QSA-25-50",
"discovery": "EXTERNAL"
},
"title": "QTS, QuTS hero",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2025-57705",
"datePublished": "2026-01-02T14:57:17.408Z",
"dateReserved": "2025-08-18T08:29:27.067Z",
"dateUpdated": "2026-01-02T19:15:26.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-54166 (GCVE-0-2025-54166)
Vulnerability from cvelistv5 – Published: 2026-01-02 14:57 – Updated: 2026-01-02 19:16
VLAI?
Title
QTS, QuTS hero
Summary
An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
Severity ?
CWE
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QTS |
Affected:
5.2.x , < 5.2.7.3256 build 20250913
(custom)
|
|
| QNAP Systems Inc. | QuTS hero |
Affected:
h5.2.x , < h5.2.7.3256 build 20250913
(custom)
Affected: h5.3.x , < h5.3.1.3250 build 20250912 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54166",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-02T19:15:53.616736Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T19:16:09.640Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QTS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "5.2.7.3256 build 20250913",
"status": "affected",
"version": "5.2.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "QuTS hero",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "h5.2.7.3256 build 20250913",
"status": "affected",
"version": "h5.2.x",
"versionType": "custom"
},
{
"lessThan": "h5.3.1.3250 build 20250912",
"status": "affected",
"version": "h5.3.x",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:qts:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.2.7.3256_build_20250913",
"versionStartIncluding": "5.2.x",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:quts_hero:*:*:*:*:*:*:*:*",
"versionEndExcluding": "h5.2.7.3256_build_20250913",
"versionStartIncluding": "h5.2.x",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:quts_hero:*:*:*:*:*:*:*:*",
"versionEndExcluding": "h5.3.1.3250_build_20250912",
"versionStartIncluding": "h5.3.x",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "coral"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.3.1.3250 build 20250912 and later\u003cbr\u003e"
}
],
"value": "An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-540",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-540"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T14:57:05.534Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.3.1.3250 build 20250912 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"source": {
"advisory": "QSA-25-50",
"discovery": "EXTERNAL"
},
"title": "QTS, QuTS hero",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2025-54166",
"datePublished": "2026-01-02T14:57:05.534Z",
"dateReserved": "2025-07-17T08:05:28.816Z",
"dateUpdated": "2026-01-02T19:16:09.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-54165 (GCVE-0-2025-54165)
Vulnerability from cvelistv5 – Published: 2026-01-02 14:56 – Updated: 2026-01-02 19:16
VLAI?
Title
QTS, QuTS hero
Summary
An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
Severity ?
CWE
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QTS |
Affected:
5.2.x , < 5.2.7.3256 build 20250913
(custom)
|
|
| QNAP Systems Inc. | QuTS hero |
Affected:
h5.2.x , < h5.2.7.3256 build 20250913
(custom)
Affected: h5.3.x , < h5.3.1.3250 build 20250912 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54165",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-02T19:16:31.725052Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T19:16:42.072Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QTS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "5.2.7.3256 build 20250913",
"status": "affected",
"version": "5.2.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "QuTS hero",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "h5.2.7.3256 build 20250913",
"status": "affected",
"version": "h5.2.x",
"versionType": "custom"
},
{
"lessThan": "h5.3.1.3250 build 20250912",
"status": "affected",
"version": "h5.3.x",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:qts:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.2.7.3256_build_20250913",
"versionStartIncluding": "5.2.x",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:quts_hero:*:*:*:*:*:*:*:*",
"versionEndExcluding": "h5.2.7.3256_build_20250913",
"versionStartIncluding": "h5.2.x",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qnap_systems_inc.:quts_hero:*:*:*:*:*:*:*:*",
"versionEndExcluding": "h5.3.1.3250_build_20250912",
"versionStartIncluding": "h5.3.x",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "coral"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.3.1.3250 build 20250912 and later\u003cbr\u003e"
}
],
"value": "An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-540",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-540"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T14:56:54.985Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.2.7.3256 build 20250913 and later\u003cbr\u003eQuTS hero h5.3.1.3250 build 20250912 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"source": {
"advisory": "QSA-25-50",
"discovery": "EXTERNAL"
},
"title": "QTS, QuTS hero",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2025-54165",
"datePublished": "2026-01-02T14:56:54.985Z",
"dateReserved": "2025-07-17T08:05:28.815Z",
"dateUpdated": "2026-01-02T19:16:42.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
FKIE_CVE-2025-54166
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 20:07
Severity ?
Summary
An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"id": "CVE-2025-54166",
"lastModified": "2026-01-05T20:07:57.633",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:03.107",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}
FKIE_CVE-2025-57705
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 19:44
Severity ?
Summary
An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"id": "CVE-2025-57705",
"lastModified": "2026-01-05T19:44:29.660",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:03.243",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}
FKIE_CVE-2025-53593
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 20:12
Severity ?
Summary
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"id": "CVE-2025-53593",
"lastModified": "2026-01-05T20:12:40.680",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 1.2,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:02.540",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2025-54165
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 20:08
Severity ?
Summary
An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"id": "CVE-2025-54165",
"lastModified": "2026-01-05T20:08:32.683",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:02.980",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}
FKIE_CVE-2025-54164
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 20:09
Severity ?
Summary
An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"id": "CVE-2025-54164",
"lastModified": "2026-01-05T20:09:01.477",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:02.827",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}
FKIE_CVE-2025-53596
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 20:18
Severity ?
Summary
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 | |
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"id": "CVE-2025-53596",
"lastModified": "2026-01-05T20:18:51.807",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 1.2,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:02.687",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}
FKIE_CVE-2025-53405
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 20:21
Severity ?
Summary
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"id": "CVE-2025-53405",
"lastModified": "2026-01-05T20:21:20.253",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 1.2,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:01.120",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}
FKIE_CVE-2025-53591
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 20:10
Severity ?
Summary
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"id": "CVE-2025-53591",
"lastModified": "2026-01-05T20:10:06.780",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 1.2,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:01.653",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}
FKIE_CVE-2025-53414
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 20:20
Severity ?
Summary
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"id": "CVE-2025-53414",
"lastModified": "2026-01-05T20:20:59.573",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 1.2,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:01.253",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}
FKIE_CVE-2025-53590
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 20:19
Severity ?
Summary
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following version:
QTS 5.2.7.3256 build 20250913 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following version:\nQTS 5.2.7.3256 build 20250913 and later"
}
],
"id": "CVE-2025-53590",
"lastModified": "2026-01-05T20:19:59.823",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 1.2,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:01.523",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}
FKIE_CVE-2025-53589
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 20:20
Severity ?
Summary
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"id": "CVE-2025-53589",
"lastModified": "2026-01-05T20:20:33.977",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 1.2,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:01.390",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}
FKIE_CVE-2025-53592
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 20:19
Severity ?
Summary
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"id": "CVE-2025-53592",
"lastModified": "2026-01-05T20:19:26.977",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 1.3,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:01.807",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}
FKIE_CVE-2025-52864
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 20:13
Severity ?
Summary
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.0.3192 build 20250716 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.0.3192 build 20250716 and later"
}
],
"id": "CVE-2025-52864",
"lastModified": "2026-01-05T20:13:29.287",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 1.3,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:00.827",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}
FKIE_CVE-2025-52430
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 20:22
Severity ?
Summary
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"id": "CVE-2025-52430",
"lastModified": "2026-01-05T20:22:10.533",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 1.2,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:00.403",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}
FKIE_CVE-2025-47208
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 19:47
Severity ?
Summary
An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.
We have already fixed the vulnerability in the following versions:
QTS 5.2.6.3195 build 20250715 and later
QuTS hero h5.2.6.3195 build 20250715 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.6.3195 build 20250715 and later\nQuTS hero h5.2.6.3195 build 20250715 and later"
}
],
"id": "CVE-2025-47208",
"lastModified": "2026-01-05T19:47:19.010",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:00.017",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}
FKIE_CVE-2025-52872
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 20:13
Severity ?
Summary
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.0.3192 build 20250716 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.0.3192 build 20250716 and later"
}
],
"id": "CVE-2025-52872",
"lastModified": "2026-01-05T20:13:07.703",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 1.3,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:00.980",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}
FKIE_CVE-2025-52863
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 20:13
Severity ?
Summary
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.0.3192 build 20250716 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.0.3192 build 20250716 and later"
}
],
"id": "CVE-2025-52863",
"lastModified": "2026-01-05T20:13:45.397",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 1.3,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:00.670",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}
FKIE_CVE-2025-52431
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 20:21
Severity ?
Summary
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"id": "CVE-2025-52431",
"lastModified": "2026-01-05T20:21:44.410",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 1.2,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:00.540",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}
FKIE_CVE-2025-52426
Vulnerability from fkie_nvd - Published: 2026-01-02 15:16 - Updated: 2026-01-05 20:22
Severity ?
Summary
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions:
QTS 5.2.7.3256 build 20250913 and later
QuTS hero h5.2.7.3256 build 20250913 and later
QuTS hero h5.3.1.3250 build 20250912 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.7.3256 build 20250913 and later\nQuTS hero h5.2.7.3256 build 20250913 and later\nQuTS hero h5.3.1.3250 build 20250912 and later"
}
],
"id": "CVE-2025-52426",
"lastModified": "2026-01-05T20:22:31.720",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 1.2,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:16:00.263",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}
FKIE_CVE-2025-44013
Vulnerability from fkie_nvd - Published: 2026-01-02 15:15 - Updated: 2026-01-05 20:22
Severity ?
Summary
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions:
QTS 5.2.6.3195 build 20250715 and later
QuTS hero h5.2.6.3195 build 20250715 and later
References
| URL | Tags | ||
|---|---|---|---|
| security@qnapsecurity.com.tw | https://www.qnap.com/en/security-advisory/qsa-25-50 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qnap | quts_hero | h5.2.0.2737 | |
| qnap | quts_hero | h5.2.0.2782 | |
| qnap | quts_hero | h5.2.0.2789 | |
| qnap | quts_hero | h5.2.0.2802 | |
| qnap | quts_hero | h5.2.0.2823 | |
| qnap | quts_hero | h5.2.0.2851 | |
| qnap | quts_hero | h5.2.0.2860 | |
| qnap | quts_hero | h5.2.1.2929 | |
| qnap | quts_hero | h5.2.1.2940 | |
| qnap | quts_hero | h5.2.2.2952 | |
| qnap | quts_hero | h5.2.3.3006 | |
| qnap | quts_hero | h5.2.4.3070 | |
| qnap | quts_hero | h5.2.4.3079 | |
| qnap | quts_hero | h5.2.5.3138 | |
| qnap | quts_hero | h5.2.6.3195 | |
| qnap | quts_hero | h5.3.0.3115 | |
| qnap | quts_hero | h5.3.0.3145 | |
| qnap | quts_hero | h5.3.0.3192 | |
| qnap | qts | 5.2.0.2737 | |
| qnap | qts | 5.2.0.2744 | |
| qnap | qts | 5.2.0.2782 | |
| qnap | qts | 5.2.0.2802 | |
| qnap | qts | 5.2.0.2823 | |
| qnap | qts | 5.2.0.2851 | |
| qnap | qts | 5.2.0.2860 | |
| qnap | qts | 5.2.1.2930 | |
| qnap | qts | 5.2.2.2950 | |
| qnap | qts | 5.2.3.3006 | |
| qnap | qts | 5.2.4.3070 | |
| qnap | qts | 5.2.4.3079 | |
| qnap | qts | 5.2.4.3092 | |
| qnap | qts | 5.2.5.3145 | |
| qnap | qts | 5.2.6.3195 | |
| qnap | qts | 5.2.6.3229 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "CDCBB36A-CB91-4BA3-A6ED-952E6A4A0481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "240BCFF1-CCCB-4C07-8E2C-7F43F68407FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:*",
"matchCriteriaId": "D3AF7276-77E0-474A-B10F-AC15BC5FCF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "5FA8C3EC-B6C0-44A8-BC91-18E3E90C63AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "889336D2-D9F7-4CC0-A22F-B837B5E77751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "98F72EB9-0EE3-416A-B9BB-2512F5203A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "9110382F-57C2-4C2E-82D1-3246C882B2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "DB92EFD7-47DD-4AAC-97BD-A2D4918FF4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:*",
"matchCriteriaId": "78E38E23-1AD0-49E1-89FA-73DC2F496137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:*",
"matchCriteriaId": "F2F302B6-26CC-4044-B480-4EBDBB90797F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "BF0093B6-8D38-4D1E-AD71-79299123C2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "48A3CDAA-B0C6-4280-B1AC-DDD027F9D632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "1807DE4F-CDF3-4E3B-ADC1-9535EF1D60FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.5.3138:build_20250519:*:*:*:*:*:*",
"matchCriteriaId": "68FF7342-A0AF-4E75-9CD6-D584B450B8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "A8E84E3D-943C-4DF5-86D3-DCAC3C034B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*",
"matchCriteriaId": "4175C7F7-E946-41C6-8863-E23233B91A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*",
"matchCriteriaId": "DE16C73E-9291-44FD-A9CB-B7C127E67A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*",
"matchCriteriaId": "ED4023E4-6C28-413A-B7B1-6CEEBC48A1C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:*",
"matchCriteriaId": "F4026A4B-7AB4-48EA-971D-88DFDD3F01A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:*",
"matchCriteriaId": "1F3F99BB-0D68-4D74-92C8-59E24F96C50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:*",
"matchCriteriaId": "1DE63B4D-8E84-41D3-B1F3-04AE6040242B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:*",
"matchCriteriaId": "75746563-C648-4E55-9126-703F915F8B8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:*",
"matchCriteriaId": "AF6BA027-A635-4E90-80C8-130B10AB3D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:*",
"matchCriteriaId": "5406F242-A215-4B07-809F-7A7CE55ACE71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:*",
"matchCriteriaId": "FA17778E-B3B1-44DD-B4E9-5AD25A3E804C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:*",
"matchCriteriaId": "E3FC6646-2247-4ED9-9643-CD376674E2E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:*",
"matchCriteriaId": "62170342-067D-442C-88FB-64A4BEA8AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:*",
"matchCriteriaId": "82464467-E1E6-47E1-BDE5-DDFA52994A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:*",
"matchCriteriaId": "75AE902C-0516-4341-9BF0-21D8803E091C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:*",
"matchCriteriaId": "5B005D70-8C91-48D4-B09A-9EBE2E9E5090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:*",
"matchCriteriaId": "82FE5F89-A0E1-4D1B-A363-0A0D4141F502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.5.3145:build_20250526:*:*:*:*:*:*",
"matchCriteriaId": "B21A9EE0-88D5-42D9-BA21-D55518FCC6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3195:build_20250715:*:*:*:*:*:*",
"matchCriteriaId": "3B575CF2-21F3-4435-B6B4-61D79B34429C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:qnap:qts:5.2.6.3229:build_20250818:*:*:*:*:*:*",
"matchCriteriaId": "E2EBD305-91E3-4BCC-835B-4878DF4DA3B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.6.3195 build 20250715 and later\nQuTS hero h5.2.6.3195 build 20250715 and later"
}
],
"id": "CVE-2025-44013",
"lastModified": "2026-01-05T20:22:54.760",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 1.3,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@qnapsecurity.com.tw",
"type": "Secondary"
}
]
},
"published": "2026-01-02T15:15:59.750",
"references": [
{
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-25-50"
}
],
"sourceIdentifier": "security@qnapsecurity.com.tw",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "security@qnapsecurity.com.tw",
"type": "Primary"
}
]
}