
[CIVN-2026-0007] Multiple Vulnerabilities in QNAP Products
Multiple Vulnerabilities in QNAP Products
Indian – Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: MEDIUM
Software Affected
QTS 5.2.x
QuTS hero h5.2.x
QuTS hero h5.3.x
Overview
Multiple vulnerabilities have been reported in QNAP products which may allow a remote attacker to disclose sensitive information, manipulate data and cause a denial-of-service (DoS) condition on the targeted system.
Target Audience:
Individuals and organizations using the above-mentioned QNAP products.
Risk Assessment:
High risk of full system compromise, system instability, or sensitive data exposure.
Impact Assessment:
Memory corruption, disclosure of sensitive information, service disruption.
Description
QNAP offers a wide range of network-attached storage (NAS), direct-attached storage (DAS), networking devices, surveillance solutions, and cloud applications. These products are widely used for data backup, file sharing, multimedia streaming, virtualization and security.
These vulnerabilities exist due to NULL pointer dereference, buffer overflow, externally-controlled format string, out-of-bounds read, throttling and path traversal issues. A remote attacker could exploit these vulnerabilities by sending specially crafted requests to the targeted system.
Successful exploitation of these vulnerabilities may allow a remote attacker to disclose sensitive information, manipulate data and cause a denial-of-service (DoS) condition on the targeted system.
Solution
Apply appropriate patches as mentioned in QNAP's advisories:
https://www.qnap.com/en/security-advisory/qsa-25-50
https://www.qnap.com/en/security-advisory/qsa-25-51
Vendor Information
QNAP
https://www.qnap.com/en/security-advisories
References
QNAP
https://www.qnap.com/en/security-advisory/qsa-25-50
https://www.qnap.com/en/security-advisory/qsa-25-51
CVE Name
CVE-2025-52426
CVE-2025-52430
CVE-2025-52431
CVE-2025-52863
CVE-2025-52864
CVE-2025-52872
CVE-2025-53405
CVE-2025-53414
CVE-2025-53589
CVE-2025-53591
CVE-2025-53592
CVE-2025-53593
CVE-2025-53596
CVE-2025-54164
CVE-2025-54165
CVE-2025-54166
CVE-2025-57705
CVE-2025-44013
CVE-2025-53590
CVE-2025-47208
CVE-2025-9110
CVE-2025-48721
CVE-2025-59380
CVE-2025-59381
CVE-2025-62852
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax: 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003


