Vulnerability-Lookup

WID-SEC-W-2026-1966

Vulnerability from csaf_certbund - Published: 2026-06-16 22:00 - Updated: 2026-06-16 22:00

Summary

QNAP NAS: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: QNAP ist ein Hersteller von NAS (Network Attached Storage) Lösungen.

Angriff: Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in QNAP NAS ausnutzen, um sich erhöhte Berechtigungen zu verschaffen, um Sicherheitsmechanismen zu umgehen, um einen Denial of Service Zustand herbeizuführen, um beliebige Befehle auszuführen, um Informationen offenzulegen oder nicht näher spezifizierte Auswirkungen zu erzielen.

Betroffene Betriebssysteme: - Hardware Appliance

CVE-2025-59382

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
QNAP NAS QuTS hero <h5.2.9 QNAP / NAS		QuTS hero <h5.2.9
QNAP NAS QTS <5.2.10 QNAP / NAS		QTS <5.2.10
QNAP NAS QuTS cloud <C5.2.9 QNAP / NAS		QuTS cloud <C5.2.9
QNAP NAS QVP <2.8.0 QNAP / NAS		QVP <2.8.0

CVE-2025-62858

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
QNAP NAS QuTS hero <h5.2.9 QNAP / NAS		QuTS hero <h5.2.9
QNAP NAS QTS <5.2.10 QNAP / NAS		QTS <5.2.10
QNAP NAS QuTS cloud <C5.2.9 QNAP / NAS		QuTS cloud <C5.2.9
QNAP NAS QVP <2.8.0 QNAP / NAS		QVP <2.8.0

CVE-2025-66273

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
QNAP NAS QuTS hero <h5.2.9 QNAP / NAS		QuTS hero <h5.2.9
QNAP NAS QTS <5.2.10 QNAP / NAS		QTS <5.2.10
QNAP NAS QuTS cloud <C5.2.9 QNAP / NAS		QuTS cloud <C5.2.9
QNAP NAS QVP <2.8.0 QNAP / NAS		QVP <2.8.0

CVE-2025-66279

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
QNAP NAS QuTS hero <h5.2.9 QNAP / NAS		QuTS hero <h5.2.9
QNAP NAS QTS <5.2.10 QNAP / NAS		QTS <5.2.10
QNAP NAS QuTS cloud <C5.2.9 QNAP / NAS		QuTS cloud <C5.2.9
QNAP NAS QVP <2.8.0 QNAP / NAS		QVP <2.8.0

CVE-2025-66280

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
QNAP NAS QuTS hero <h5.2.9 QNAP / NAS		QuTS hero <h5.2.9
QNAP NAS QTS <5.2.10 QNAP / NAS		QTS <5.2.10
QNAP NAS QuTS cloud <C5.2.9 QNAP / NAS		QuTS cloud <C5.2.9
QNAP NAS QVP <2.8.0 QNAP / NAS		QVP <2.8.0

CVE-2025-66281

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
QNAP NAS QuTS hero <h5.2.9 QNAP / NAS		QuTS hero <h5.2.9
QNAP NAS QTS <5.2.10 QNAP / NAS		QTS <5.2.10
QNAP NAS QuTS cloud <C5.2.9 QNAP / NAS		QuTS cloud <C5.2.9
QNAP NAS QVP <2.8.0 QNAP / NAS		QVP <2.8.0

CVE-2025-68405

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
QNAP NAS QuTS hero <h5.2.9 QNAP / NAS		QuTS hero <h5.2.9
QNAP NAS QTS <5.2.10 QNAP / NAS		QTS <5.2.10
QNAP NAS QuTS cloud <C5.2.9 QNAP / NAS		QuTS cloud <C5.2.9
QNAP NAS QVP <2.8.0 QNAP / NAS		QVP <2.8.0

CVE-2026-22893

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
QNAP NAS QuTS hero <h5.2.9 QNAP / NAS		QuTS hero <h5.2.9
QNAP NAS QTS <5.2.10 QNAP / NAS		QTS <5.2.10
QNAP NAS QuTS cloud <C5.2.9 QNAP / NAS		QuTS cloud <C5.2.9
QNAP NAS QVP <2.8.0 QNAP / NAS		QVP <2.8.0

CVE-2026-22899

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
QNAP NAS QuTS hero <h5.2.9 QNAP / NAS		QuTS hero <h5.2.9
QNAP NAS QTS <5.2.10 QNAP / NAS		QTS <5.2.10
QNAP NAS QuTS cloud <C5.2.9 QNAP / NAS		QuTS cloud <C5.2.9
QNAP NAS QVP <2.8.0 QNAP / NAS		QVP <2.8.0

CVE-2026-24720

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
QNAP NAS QuTS hero <h5.2.9 QNAP / NAS		QuTS hero <h5.2.9
QNAP NAS QTS <5.2.10 QNAP / NAS		QTS <5.2.10
QNAP NAS QuTS cloud <C5.2.9 QNAP / NAS		QuTS cloud <C5.2.9
QNAP NAS QVP <2.8.0 QNAP / NAS		QVP <2.8.0

CVE-2026-24724

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
QNAP NAS QuTS hero <h5.2.9 QNAP / NAS		QuTS hero <h5.2.9
QNAP NAS QTS <5.2.10 QNAP / NAS		QTS <5.2.10
QNAP NAS QuTS cloud <C5.2.9 QNAP / NAS		QuTS cloud <C5.2.9
QNAP NAS QVP <2.8.0 QNAP / NAS		QVP <2.8.0

CVE-2026-26239

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
QNAP NAS QuTS hero <h5.2.9 QNAP / NAS		QuTS hero <h5.2.9
QNAP NAS QTS <5.2.10 QNAP / NAS		QTS <5.2.10
QNAP NAS QuTS cloud <C5.2.9 QNAP / NAS		QuTS cloud <C5.2.9
QNAP NAS QVP <2.8.0 QNAP / NAS		QVP <2.8.0

CVE-2026-26240

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
QNAP NAS QuTS hero <h5.2.9 QNAP / NAS		QuTS hero <h5.2.9
QNAP NAS QTS <5.2.10 QNAP / NAS		QTS <5.2.10
QNAP NAS QuTS cloud <C5.2.9 QNAP / NAS		QuTS cloud <C5.2.9
QNAP NAS QVP <2.8.0 QNAP / NAS		QVP <2.8.0

CVE-2026-26241

Affected products

Known affected 4 products

Product	Identifier	Version	Remediation
QNAP NAS QuTS hero <h5.2.9 QNAP / NAS		QuTS hero <h5.2.9
QNAP NAS QTS <5.2.10 QNAP / NAS		QTS <5.2.10
QNAP NAS QuTS cloud <C5.2.9 QNAP / NAS		QuTS cloud <C5.2.9
QNAP NAS QVP <2.8.0 QNAP / NAS		QVP <2.8.0

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.qnap.com/en/security-advisory/QSA-26-10	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "QNAP ist ein Hersteller von NAS (Network Attached Storage) L\u00f6sungen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in QNAP NAS ausnutzen, um sich erh\u00f6hte Berechtigungen zu verschaffen, um Sicherheitsmechanismen zu umgehen, um einen Denial of Service Zustand herbeizuf\u00fchren, um beliebige Befehle auszuf\u00fchren, um Informationen offenzulegen oder nicht n\u00e4her spezifizierte Auswirkungen zu erzielen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Hardware Appliance",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-1966 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1966.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-1966 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1966"
      },
      {
        "category": "external",
        "summary": "QNAP Security Advisory vom 2026-06-17",
        "url": "https://www.qnap.com/en/security-advisory/QSA-26-10"
      }
    ],
    "source_lang": "en-US",
    "title": "QNAP NAS: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-06-16T22:00:00.000+00:00",
      "generator": {
        "date": "2026-06-17T09:24:54.164+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.6.0"
        }
      },
      "id": "WID-SEC-W-2026-1966",
      "initial_release_date": "2026-06-16T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-06-16T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "QVP \u003c2.8.0",
                "product": {
                  "name": "QNAP NAS QVP \u003c2.8.0",
                  "product_id": "T055513"
                }
              },
              {
                "category": "product_version",
                "name": "QVP 2.8.0",
                "product": {
                  "name": "QNAP NAS QVP 2.8.0",
                  "product_id": "T055513-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:qnap:nas:2.8.0::qvp"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "QuTS cloud \u003cC5.2.9",
                "product": {
                  "name": "QNAP NAS QuTS cloud \u003cC5.2.9",
                  "product_id": "T055514"
                }
              },
              {
                "category": "product_version",
                "name": "QuTS cloud C5.2.9",
                "product": {
                  "name": "QNAP NAS QuTS cloud C5.2.9",
                  "product_id": "T055514-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:qnap:nas:c5.2.9::quts_cloud"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "QTS \u003c5.2.10",
                "product": {
                  "name": "QNAP NAS QTS \u003c5.2.10",
                  "product_id": "T055515"
                }
              },
              {
                "category": "product_version",
                "name": "QTS 5.2.10",
                "product": {
                  "name": "QNAP NAS QTS 5.2.10",
                  "product_id": "T055515-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:qnap:nas:5.2.10::qts"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "QuTS hero \u003ch5.2.9",
                "product": {
                  "name": "QNAP NAS QuTS hero \u003ch5.2.9",
                  "product_id": "T055517"
                }
              },
              {
                "category": "product_version",
                "name": "QuTS hero h5.2.9",
                "product": {
                  "name": "QNAP NAS QuTS hero h5.2.9",
                  "product_id": "T055517-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:qnap:nas:h5.2.9::quts_hero"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "NAS"
          }
        ],
        "category": "vendor",
        "name": "QNAP"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-59382",
      "product_status": {
        "known_affected": [
          "T055517",
          "T055515",
          "T055514",
          "T055513"
        ]
      },
      "release_date": "2026-06-16T22:00:00.000+00:00",
      "title": "CVE-2025-59382"
    },
    {
      "cve": "CVE-2025-62858",
      "product_status": {
        "known_affected": [
          "T055517",
          "T055515",
          "T055514",
          "T055513"
        ]
      },
      "release_date": "2026-06-16T22:00:00.000+00:00",
      "title": "CVE-2025-62858"
    },
    {
      "cve": "CVE-2025-66273",
      "product_status": {
        "known_affected": [
          "T055517",
          "T055515",
          "T055514",
          "T055513"
        ]
      },
      "release_date": "2026-06-16T22:00:00.000+00:00",
      "title": "CVE-2025-66273"
    },
    {
      "cve": "CVE-2025-66279",
      "product_status": {
        "known_affected": [
          "T055517",
          "T055515",
          "T055514",
          "T055513"
        ]
      },
      "release_date": "2026-06-16T22:00:00.000+00:00",
      "title": "CVE-2025-66279"
    },
    {
      "cve": "CVE-2025-66280",
      "product_status": {
        "known_affected": [
          "T055517",
          "T055515",
          "T055514",
          "T055513"
        ]
      },
      "release_date": "2026-06-16T22:00:00.000+00:00",
      "title": "CVE-2025-66280"
    },
    {
      "cve": "CVE-2025-66281",
      "product_status": {
        "known_affected": [
          "T055517",
          "T055515",
          "T055514",
          "T055513"
        ]
      },
      "release_date": "2026-06-16T22:00:00.000+00:00",
      "title": "CVE-2025-66281"
    },
    {
      "cve": "CVE-2025-68405",
      "product_status": {
        "known_affected": [
          "T055517",
          "T055515",
          "T055514",
          "T055513"
        ]
      },
      "release_date": "2026-06-16T22:00:00.000+00:00",
      "title": "CVE-2025-68405"
    },
    {
      "cve": "CVE-2026-22893",
      "product_status": {
        "known_affected": [
          "T055517",
          "T055515",
          "T055514",
          "T055513"
        ]
      },
      "release_date": "2026-06-16T22:00:00.000+00:00",
      "title": "CVE-2026-22893"
    },
    {
      "cve": "CVE-2026-22899",
      "product_status": {
        "known_affected": [
          "T055517",
          "T055515",
          "T055514",
          "T055513"
        ]
      },
      "release_date": "2026-06-16T22:00:00.000+00:00",
      "title": "CVE-2026-22899"
    },
    {
      "cve": "CVE-2026-24720",
      "product_status": {
        "known_affected": [
          "T055517",
          "T055515",
          "T055514",
          "T055513"
        ]
      },
      "release_date": "2026-06-16T22:00:00.000+00:00",
      "title": "CVE-2026-24720"
    },
    {
      "cve": "CVE-2026-24724",
      "product_status": {
        "known_affected": [
          "T055517",
          "T055515",
          "T055514",
          "T055513"
        ]
      },
      "release_date": "2026-06-16T22:00:00.000+00:00",
      "title": "CVE-2026-24724"
    },
    {
      "cve": "CVE-2026-26239",
      "product_status": {
        "known_affected": [
          "T055517",
          "T055515",
          "T055514",
          "T055513"
        ]
      },
      "release_date": "2026-06-16T22:00:00.000+00:00",
      "title": "CVE-2026-26239"
    },
    {
      "cve": "CVE-2026-26240",
      "product_status": {
        "known_affected": [
          "T055517",
          "T055515",
          "T055514",
          "T055513"
        ]
      },
      "release_date": "2026-06-16T22:00:00.000+00:00",
      "title": "CVE-2026-26240"
    },
    {
      "cve": "CVE-2026-26241",
      "product_status": {
        "known_affected": [
          "T055517",
          "T055515",
          "T055514",
          "T055513"
        ]
      },
      "release_date": "2026-06-16T22:00:00.000+00:00",
      "title": "CVE-2026-26241"
    }
  ]
}

CVE-2025-59382 (GCVE-0-2025-59382)

Vulnerability from cvelistv5 – Published: 2026-06-10 01:38 – Updated: 2026-06-12 02:12

Title

QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances)

Summary

QTS, QuTS hero, QuTScloud are not affected. We have already fixed the vulnerability in the following version:

Severity

1.2 (Low)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-472

Assigner

qnap

References

1 reference

URL	Tags
https://www.qnap.com/en/security-advisory/qsa-26-10

Impacted products

3 products

Vendor	Product	Version
QNAP Systems Inc.	QTS	Unaffected: ?
QNAP Systems Inc.	QuTS hero	Unaffected: ?
QNAP Systems Inc.	QuTScloud	Unaffected: c5.0.0

Credits

Tim Coen

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59382",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-10T16:03:46.175446Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-10T16:04:08.349Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "QTS",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "status": "unaffected",
              "version": "?"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "QuTS hero",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "status": "unaffected",
              "version": "?"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "QuTScloud",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "status": "unaffected",
              "version": "c5.0.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Tim Coen"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cbr\u003eQTS, QuTS hero, QuTScloud are not affected.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003e"
            }
          ],
          "value": "QTS, QuTS hero, QuTScloud are not affected.\n\nWe have already fixed the vulnerability in the following version:"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-98",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-98"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 1.2,
            "baseSeverity": "LOW",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "ACTIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-472",
              "description": "CWE-472",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-12T02:12:53.320Z",
        "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "shortName": "qnap"
      },
      "references": [
        {
          "url": "https://www.qnap.com/en/security-advisory/qsa-26-10"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "We have already fixed the vulnerability in the following version:\u003cbr\u003e"
            }
          ],
          "value": "We have already fixed the vulnerability in the following version:"
        }
      ],
      "source": {
        "advisory": "QSA-26-10",
        "discovery": "EXTERNAL"
      },
      "title": "QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances)",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
    "assignerShortName": "qnap",
    "cveId": "CVE-2025-59382",
    "datePublished": "2026-06-10T01:38:20.686Z",
    "dateReserved": "2025-09-15T08:35:00.660Z",
    "dateUpdated": "2026-06-12T02:12:53.320Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-62858 (GCVE-0-2025-62858)

Vulnerability from cvelistv5 – Published: 2026-06-09 06:17 – Updated: 2026-06-09 13:11

Title

QTS, QuTS hero

Summary

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.9.3410 build 20260214 and later QuTS hero h5.2.9.3410 build 20260214 and later QuTS hero h5.3.4.3500 build 20260520 and later QuTS hero h6.0.0.3397 build 20260206 and later

Severity

5.1 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-121

Assigner

qnap

References

1 reference

URL	Tags
https://www.qnap.com/en/security-advisory/qsa-26-10

Impacted products

2 products

Vendor	Product	Version
QNAP Systems Inc.	QTS	Affected: 5.2.0 , < 5.2.9.3410 build 20260214 (custom)
QNAP Systems Inc.	QuTS hero	Affected: h5.2.0 , < h5.2.9.3410 build 20260214 (custom) Affected: h5.3.0 , < h5.3.4.3500 build 20260520 (custom) Affected: ? , < h6.0.0.3397 build 20260206 (custom)

Credits

coral

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-62858",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-09T13:11:21.101080Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-09T13:11:28.903Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "QTS",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "5.2.9.3410 build 20260214",
              "status": "affected",
              "version": "5.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "QuTS hero",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "h5.2.9.3410 build 20260214",
              "status": "affected",
              "version": "h5.2.0",
              "versionType": "custom"
            },
            {
              "lessThan": "h5.3.4.3500 build 20260520",
              "status": "affected",
              "version": "h5.3.0",
              "versionType": "custom"
            },
            {
              "lessThan": "h6.0.0.3397 build 20260206",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "coral"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.3.4.3500 build 20260520 and later\u003cbr\u003eQuTS hero h6.0.0.3397 build 20260206 and later\u003cbr\u003e"
            }
          ],
          "value": "A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.9.3410 build 20260214 and later\nQuTS hero h5.2.9.3410 build 20260214 and later\nQuTS hero h5.3.4.3500 build 20260520 and later\nQuTS hero h6.0.0.3397 build 20260206 and later"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-09T06:17:30.787Z",
        "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "shortName": "qnap"
      },
      "references": [
        {
          "url": "https://www.qnap.com/en/security-advisory/qsa-26-10"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.3.4.3500 build 20260520 and later\u003cbr\u003eQuTS hero h6.0.0.3397 build 20260206 and later\u003cbr\u003e"
            }
          ],
          "value": "We have already fixed the vulnerability in the following versions:\nQTS 5.2.9.3410 build 20260214 and later\nQuTS hero h5.2.9.3410 build 20260214 and later\nQuTS hero h5.3.4.3500 build 20260520 and later\nQuTS hero h6.0.0.3397 build 20260206 and later"
        }
      ],
      "source": {
        "advisory": "QSA-26-10",
        "discovery": "EXTERNAL"
      },
      "title": "QTS, QuTS hero",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
    "assignerShortName": "qnap",
    "cveId": "CVE-2025-62858",
    "datePublished": "2026-06-09T06:17:30.787Z",
    "dateReserved": "2025-10-24T02:43:49.269Z",
    "dateUpdated": "2026-06-09T13:11:28.903Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-66273 (GCVE-0-2025-66273)

Vulnerability from cvelistv5 – Published: 2026-06-10 03:04 – Updated: 2026-06-11 03:55

Title

QTS, QuTS hero

Summary

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.9.3410 build 20260214 and later QuTS hero h5.2.9.3410 build 20260214 and later QuTS hero h5.3.4.3500 build 20260520 and later QuTS hero h6.0.0.3397 build 20260206 and later

Severity

8.6 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-78

Assigner

qnap

References

1 reference

URL	Tags
https://www.qnap.com/en/security-advisory/qsa-26-10

Impacted products

2 products

Vendor	Product	Version
QNAP Systems Inc.	QTS	Affected: 5.2.0 , < 5.2.9.3410 build 20260214 (custom)
QNAP Systems Inc.	QuTS hero	Affected: h5.2.0 , < h5.2.9.3410 build 20260214 (custom) Affected: h5.3.0 , < h5.3.4.3500 build 20260520 (custom) Affected: ? , < h6.0.0.3397 build 20260206 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-66273",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-10T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-11T03:55:25.759Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "QTS",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "5.2.9.3410 build 20260214",
              "status": "affected",
              "version": "5.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "QuTS hero",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "h5.2.9.3410 build 20260214",
              "status": "affected",
              "version": "h5.2.0",
              "versionType": "custom"
            },
            {
              "lessThan": "h5.3.4.3500 build 20260520",
              "status": "affected",
              "version": "h5.3.0",
              "versionType": "custom"
            },
            {
              "lessThan": "h6.0.0.3397 build 20260206",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.3.4.3500 build 20260520 and later\u003cbr\u003eQuTS hero h6.0.0.3397 build 20260206 and later\u003cbr\u003e"
            }
          ],
          "value": "A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.9.3410 build 20260214 and later\nQuTS hero h5.2.9.3410 build 20260214 and later\nQuTS hero h5.3.4.3500 build 20260520 and later\nQuTS hero h6.0.0.3397 build 20260206 and later"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-88",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-88"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-10T03:04:39.973Z",
        "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "shortName": "qnap"
      },
      "references": [
        {
          "url": "https://www.qnap.com/en/security-advisory/qsa-26-10"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.3.4.3500 build 20260520 and later\u003cbr\u003eQuTS hero h6.0.0.3397 build 20260206 and later\u003cbr\u003e"
            }
          ],
          "value": "We have already fixed the vulnerability in the following versions:\nQTS 5.2.9.3410 build 20260214 and later\nQuTS hero h5.2.9.3410 build 20260214 and later\nQuTS hero h5.3.4.3500 build 20260520 and later\nQuTS hero h6.0.0.3397 build 20260206 and later"
        }
      ],
      "source": {
        "advisory": "QSA-26-10",
        "discovery": "EXTERNAL"
      },
      "title": "QTS, QuTS hero",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
    "assignerShortName": "qnap",
    "cveId": "CVE-2025-66273",
    "datePublished": "2026-06-10T03:04:39.973Z",
    "dateReserved": "2025-11-26T09:25:37.832Z",
    "dateUpdated": "2026-06-11T03:55:25.759Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-66279 (GCVE-0-2025-66279)

Vulnerability from cvelistv5 – Published: 2026-06-10 03:05 – Updated: 2026-06-11 03:55

Title

QTS, QuTS hero

Summary

Severity

8.6 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-78

Assigner

qnap

References

1 reference

URL	Tags
https://www.qnap.com/en/security-advisory/qsa-26-10

Impacted products

2 products

Vendor	Product	Version
QNAP Systems Inc.	QTS	Affected: 5.2.0 , < 5.2.9.3410 build 20260214 (custom)
QNAP Systems Inc.	QuTS hero	Affected: h5.2.0 , < h5.2.9.3410 build 20260214 (custom) Affected: h5.3.0 , < h5.3.4.3500 build 20260520 (custom) Affected: ? , < h6.0.0.3397 build 20260206 (custom)

Credits

Bechir Bouali (@b3ch1r) from SecLab - TII

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-66279",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-10T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-11T03:55:24.593Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "QTS",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "5.2.9.3410 build 20260214",
              "status": "affected",
              "version": "5.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "QuTS hero",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "h5.2.9.3410 build 20260214",
              "status": "affected",
              "version": "h5.2.0",
              "versionType": "custom"
            },
            {
              "lessThan": "h5.3.4.3500 build 20260520",
              "status": "affected",
              "version": "h5.3.0",
              "versionType": "custom"
            },
            {
              "lessThan": "h6.0.0.3397 build 20260206",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Bechir Bouali (@b3ch1r) from SecLab - TII"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.3.4.3500 build 20260520 and later\u003cbr\u003eQuTS hero h6.0.0.3397 build 20260206 and later\u003cbr\u003e"
            }
          ],
          "value": "A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.9.3410 build 20260214 and later\nQuTS hero h5.2.9.3410 build 20260214 and later\nQuTS hero h5.3.4.3500 build 20260520 and later\nQuTS hero h6.0.0.3397 build 20260206 and later"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-88",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-88"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-10T03:05:38.333Z",
        "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "shortName": "qnap"
      },
      "references": [
        {
          "url": "https://www.qnap.com/en/security-advisory/qsa-26-10"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.3.4.3500 build 20260520 and later\u003cbr\u003eQuTS hero h6.0.0.3397 build 20260206 and later\u003cbr\u003e"
            }
          ],
          "value": "We have already fixed the vulnerability in the following versions:\nQTS 5.2.9.3410 build 20260214 and later\nQuTS hero h5.2.9.3410 build 20260214 and later\nQuTS hero h5.3.4.3500 build 20260520 and later\nQuTS hero h6.0.0.3397 build 20260206 and later"
        }
      ],
      "source": {
        "advisory": "QSA-26-10",
        "discovery": "EXTERNAL"
      },
      "title": "QTS, QuTS hero",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
    "assignerShortName": "qnap",
    "cveId": "CVE-2025-66279",
    "datePublished": "2026-06-10T03:05:38.333Z",
    "dateReserved": "2025-11-26T09:25:37.833Z",
    "dateUpdated": "2026-06-11T03:55:24.593Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-66280 (GCVE-0-2025-66280)

Vulnerability from cvelistv5 – Published: 2026-06-10 03:05 – Updated: 2026-06-10 15:52

Title

QTS, QuTS hero

Summary

An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following versions: QTS 5.2.9.3410 build 20260214 and later QuTS hero h5.2.9.3410 build 20260214 and later QuTS hero h5.3.4.3500 build 20260520 and later QuTS hero h6.0.0.3397 build 20260206 and later

Severity

5.1 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

Assigner

qnap

References

1 reference

URL	Tags
https://www.qnap.com/en/security-advisory/qsa-26-10

Impacted products

2 products

Vendor	Product	Version
QNAP Systems Inc.	QTS	Affected: 5.2.0 , < 5.2.9.3410 build 20260214 (custom)
QNAP Systems Inc.	QuTS hero	Affected: h5.2.0 , < h5.2.9.3410 build 20260214 (custom) Affected: h5.3.0 , < h5.3.4.3500 build 20260520 (custom) Affected: ? , < h6.0.0.3397 build 20260206 (custom)

Credits

Bechir Bouali (@b3ch1r) from SecLab - TII

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-66280",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-10T15:50:57.407768Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-10T15:52:04.680Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "QTS",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "5.2.9.3410 build 20260214",
              "status": "affected",
              "version": "5.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "QuTS hero",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "h5.2.9.3410 build 20260214",
              "status": "affected",
              "version": "h5.2.0",
              "versionType": "custom"
            },
            {
              "lessThan": "h5.3.4.3500 build 20260520",
              "status": "affected",
              "version": "h5.3.0",
              "versionType": "custom"
            },
            {
              "lessThan": "h6.0.0.3397 build 20260206",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Bechir Bouali (@b3ch1r) from SecLab - TII"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to compromise the security of the system.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.3.4.3500 build 20260520 and later\u003cbr\u003eQuTS hero h6.0.0.3397 build 20260206 and later\u003cbr\u003e"
            }
          ],
          "value": "An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to compromise the security of the system.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.9.3410 build 20260214 and later\nQuTS hero h5.2.9.3410 build 20260214 and later\nQuTS hero h5.3.4.3500 build 20260520 and later\nQuTS hero h6.0.0.3397 build 20260206 and later"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-92",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-92"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            },
            {
              "cweId": "CWE-121",
              "description": "CWE-121",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-10T03:05:59.942Z",
        "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "shortName": "qnap"
      },
      "references": [
        {
          "url": "https://www.qnap.com/en/security-advisory/qsa-26-10"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.3.4.3500 build 20260520 and later\u003cbr\u003eQuTS hero h6.0.0.3397 build 20260206 and later\u003cbr\u003e"
            }
          ],
          "value": "We have already fixed the vulnerability in the following versions:\nQTS 5.2.9.3410 build 20260214 and later\nQuTS hero h5.2.9.3410 build 20260214 and later\nQuTS hero h5.3.4.3500 build 20260520 and later\nQuTS hero h6.0.0.3397 build 20260206 and later"
        }
      ],
      "source": {
        "advisory": "QSA-26-10",
        "discovery": "EXTERNAL"
      },
      "title": "QTS, QuTS hero",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
    "assignerShortName": "qnap",
    "cveId": "CVE-2025-66280",
    "datePublished": "2026-06-10T03:05:59.942Z",
    "dateReserved": "2025-11-26T09:25:37.833Z",
    "dateUpdated": "2026-06-10T15:52:04.680Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-66281 (GCVE-0-2025-66281)

Vulnerability from cvelistv5 – Published: 2026-06-10 03:06 – Updated: 2026-06-10 15:50

Title

QTS, QuTS hero

Summary

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.9.3410 build 20260214 and later QuTS hero h5.2.9.3410 build 20260214 and later QuTS hero h5.3.4.3500 build 20260520 and later QuTS hero h6.0.0.3397 build 20260206 and later

Severity

6.9 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-476

Assigner

qnap

References

1 reference

URL	Tags
https://www.qnap.com/en/security-advisory/qsa-26-10

Impacted products

2 products

Vendor	Product	Version
QNAP Systems Inc.	QTS	Affected: 5.2.0 , < 5.2.9.3410 build 20260214 (custom)
QNAP Systems Inc.	QuTS hero	Affected: h5.2.0 , < h5.2.9.3410 build 20260214 (custom) Affected: h5.3.0 , < h5.3.4.3500 build 20260520 (custom) Affected: ? , < h6.0.0.3397 build 20260206 (custom)

Credits

Bechir Bouali (@b3ch1r) from SecLab - TII

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-66281",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-10T15:49:55.156148Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-10T15:50:06.023Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "QTS",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "5.2.9.3410 build 20260214",
              "status": "affected",
              "version": "5.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "QuTS hero",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "h5.2.9.3410 build 20260214",
              "status": "affected",
              "version": "h5.2.0",
              "versionType": "custom"
            },
            {
              "lessThan": "h5.3.4.3500 build 20260520",
              "status": "affected",
              "version": "h5.3.0",
              "versionType": "custom"
            },
            {
              "lessThan": "h6.0.0.3397 build 20260206",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Bechir Bouali (@b3ch1r) from SecLab - TII"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.3.4.3500 build 20260520 and later\u003cbr\u003eQuTS hero h6.0.0.3397 build 20260206 and later\u003cbr\u003e"
            }
          ],
          "value": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.9.3410 build 20260214 and later\nQuTS hero h5.2.9.3410 build 20260214 and later\nQuTS hero h5.3.4.3500 build 20260520 and later\nQuTS hero h6.0.0.3397 build 20260206 and later"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-129",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-129"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-10T03:06:06.429Z",
        "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "shortName": "qnap"
      },
      "references": [
        {
          "url": "https://www.qnap.com/en/security-advisory/qsa-26-10"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.3.4.3500 build 20260520 and later\u003cbr\u003eQuTS hero h6.0.0.3397 build 20260206 and later\u003cbr\u003e"
            }
          ],
          "value": "We have already fixed the vulnerability in the following versions:\nQTS 5.2.9.3410 build 20260214 and later\nQuTS hero h5.2.9.3410 build 20260214 and later\nQuTS hero h5.3.4.3500 build 20260520 and later\nQuTS hero h6.0.0.3397 build 20260206 and later"
        }
      ],
      "source": {
        "advisory": "QSA-26-10",
        "discovery": "EXTERNAL"
      },
      "title": "QTS, QuTS hero",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
    "assignerShortName": "qnap",
    "cveId": "CVE-2025-66281",
    "datePublished": "2026-06-10T03:06:06.429Z",
    "dateReserved": "2025-11-26T09:25:37.833Z",
    "dateUpdated": "2026-06-10T15:50:06.023Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-22893 (GCVE-0-2026-22893)

Vulnerability from cvelistv5 – Published: 2026-06-10 03:06 – Updated: 2026-06-11 03:55

Title

QTS, QuTS hero

Summary

Severity

8.6 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-78

Assigner

qnap

References

1 reference

URL	Tags
https://www.qnap.com/en/security-advisory/qsa-26-10

Impacted products

2 products

Vendor	Product	Version
QNAP Systems Inc.	QTS	Affected: 5.2.0 , < 5.2.9.3410 build 20260214 (custom)
QNAP Systems Inc.	QuTS hero	Affected: h5.2.0 , < h5.2.9.3410 build 20260214 (custom) Affected: h5.3.0 , < h5.3.4.3500 build 20260520 (custom) Affected: ? , < h6.0.0.3459 build 20260409 (custom)

Credits

Tri - Nguyen Le Quoc Anh, Nguyen Huu Tri, Cao Ngoc Quy of bl4ckh0l3 from Galaxy One.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-22893",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-10T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-11T03:55:23.448Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "QTS",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "5.2.9.3410 build 20260214",
              "status": "affected",
              "version": "5.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "QuTS hero",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "h5.2.9.3410 build 20260214",
              "status": "affected",
              "version": "h5.2.0",
              "versionType": "custom"
            },
            {
              "lessThan": "h5.3.4.3500 build 20260520",
              "status": "affected",
              "version": "h5.3.0",
              "versionType": "custom"
            },
            {
              "lessThan": "h6.0.0.3459 build 20260409",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Tri - Nguyen Le Quoc Anh, Nguyen Huu Tri, Cao Ngoc Quy of bl4ckh0l3 from Galaxy One."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.3.4.3500 build 20260520 and later\u003cbr\u003eQuTS hero h6.0.0.3459 build 20260409 and later\u003cbr\u003e"
            }
          ],
          "value": "A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.2.9.3410 build 20260214 and later\nQuTS hero h5.2.9.3410 build 20260214 and later\nQuTS hero h5.3.4.3500 build 20260520 and later\nQuTS hero h6.0.0.3459 build 20260409 and later"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-88",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-88"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-10T03:06:34.562Z",
        "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "shortName": "qnap"
      },
      "references": [
        {
          "url": "https://www.qnap.com/en/security-advisory/qsa-26-10"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQTS 5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.2.9.3410 build 20260214 and later\u003cbr\u003eQuTS hero h5.3.4.3500 build 20260520 and later\u003cbr\u003eQuTS hero h6.0.0.3459 build 20260409 and later\u003cbr\u003e"
            }
          ],
          "value": "We have already fixed the vulnerability in the following versions:\nQTS 5.2.9.3410 build 20260214 and later\nQuTS hero h5.2.9.3410 build 20260214 and later\nQuTS hero h5.3.4.3500 build 20260520 and later\nQuTS hero h6.0.0.3459 build 20260409 and later"
        }
      ],
      "source": {
        "advisory": "QSA-26-10",
        "discovery": "EXTERNAL"
      },
      "title": "QTS, QuTS hero",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
    "assignerShortName": "qnap",
    "cveId": "CVE-2026-22893",
    "datePublished": "2026-06-10T03:06:34.562Z",
    "dateReserved": "2026-01-13T07:49:08.783Z",
    "dateUpdated": "2026-06-11T03:55:23.448Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-22899 (GCVE-0-2026-22899)

Vulnerability from cvelistv5 – Published: 2026-06-10 03:07 – Updated: 2026-06-17 01:48

Title

File Station 5

Summary

A NULL pointer dereference vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5208 and later

Severity

1.3 (Low)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-476

Assigner

qnap

References

1 reference

URL	Tags
https://www.qnap.com/en/security-advisory/qsa-26-10

Impacted products

1 product

Vendor	Product	Version
QNAP Systems Inc.	File Station 5	Affected: 5.5.0 , < 5.5.6.5208 (custom)

Credits

coral

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-22899",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-10T15:48:27.435909Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-10T15:48:35.940Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "File Station 5",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "5.5.6.5208",
              "status": "affected",
              "version": "5.5.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "coral"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A NULL pointer dereference vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eFile Station 5 5.5.6.5208 and later\u003cbr\u003e"
            }
          ],
          "value": "A NULL pointer dereference vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.\n\nWe have already fixed the vulnerability in the following version:\nFile Station 5 5.5.6.5208 and later"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-129",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-129"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 1.3,
            "baseSeverity": "LOW",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-17T01:48:14.948Z",
        "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "shortName": "qnap"
      },
      "references": [
        {
          "url": "https://www.qnap.com/en/security-advisory/qsa-26-10"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eFile Station 5 5.5.6.5208 and later\u003cbr\u003e"
            }
          ],
          "value": "We have already fixed the vulnerability in the following version:\nFile Station 5 5.5.6.5208 and later"
        }
      ],
      "source": {
        "advisory": "QSA-26-19",
        "discovery": "EXTERNAL"
      },
      "title": "File Station 5",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
    "assignerShortName": "qnap",
    "cveId": "CVE-2026-22899",
    "datePublished": "2026-06-10T03:07:48.525Z",
    "dateReserved": "2026-01-13T07:49:08.784Z",
    "dateUpdated": "2026-06-17T01:48:14.948Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-24720 (GCVE-0-2026-24720)

Vulnerability from cvelistv5 – Published: 2026-06-10 03:08 – Updated: 2026-06-17 01:48

Title

File Station 5

Summary

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later

Severity

1.3 (Low)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-770

Assigner

qnap

References

1 reference

URL	Tags
https://www.qnap.com/en/security-advisory/qsa-26-10

Impacted products

1 product

Vendor	Product	Version
QNAP Systems Inc.	File Station 5	Affected: 5.5.0 , < 5.5.6.5243 (custom)

Credits

coral

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-24720",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-10T15:47:39.848867Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-10T15:47:51.643Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "File Station 5",
          "vendor": "QNAP Systems Inc.",
          "versions": [
            {
              "lessThan": "5.5.6.5243",
              "status": "affected",
              "version": "5.5.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "coral"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eFile Station 5 5.5.6.5243 and later\u003cbr\u003e"
            }
          ],
          "value": "An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.\n\nWe have already fixed the vulnerability in the following version:\nFile Station 5 5.5.6.5243 and later"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-130",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-130"
            }
          ]
        },
        {
          "capecId": "CAPEC-131",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-131"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 1.3,
            "baseSeverity": "LOW",
            "exploitMaturity": "UNREPORTED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-17T01:48:37.410Z",
        "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "shortName": "qnap"
      },
      "references": [
        {
          "url": "https://www.qnap.com/en/security-advisory/qsa-26-10"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eFile Station 5 5.5.6.5243 and later\u003cbr\u003e"
            }
          ],
          "value": "We have already fixed the vulnerability in the following version:\nFile Station 5 5.5.6.5243 and later"
        }
      ],
      "source": {
        "advisory": "QSA-26-26",
        "discovery": "EXTERNAL"
      },
      "title": "File Station 5",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
    "assignerShortName": "qnap",
    "cveId": "CVE-2026-24720",
    "datePublished": "2026-06-10T03:08:09.047Z",
    "dateReserved": "2026-01-26T06:41:35.897Z",
    "dateUpdated": "2026-06-17T01:48:37.410Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2026-1966

CVE-2025-59382 (GCVE-0-2025-59382)

CVE-2025-62858 (GCVE-0-2025-62858)

CVE-2025-66273 (GCVE-0-2025-66273)

CVE-2025-66279 (GCVE-0-2025-66279)

CVE-2025-66280 (GCVE-0-2025-66280)

CVE-2025-66281 (GCVE-0-2025-66281)

CVE-2026-22893 (GCVE-0-2026-22893)

CVE-2026-22899 (GCVE-0-2026-22899)

CVE-2026-24720 (GCVE-0-2026-24720)

Tags

Sightings

Nomenclature