
[CIVN-2026-0343] Multiple Vulnerabilities in QNAP Products
Indian – Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: CRITICAL
Software Affected
QVP version 2.7.1
QuTS cloud version c5.2.8
QTS version 5.2.7
QuTS hero version h5.2.8
Overview
Multiple vulnerabilities have been reported in QNAP products, which could allow an attacker to execute arbitrary system commands, access sensitive files, steal user credentials, perform unauthorized actions, or cause a denial-of-service condition on the targeted system.
Target Audience:
All organizations and individuals using affected QNAP products.
Risk Assessment:
High risk of command execution, credential theft, sensitive information disclosure, unauthorized access and denial of service.
Impact Assessment:
Potential for remote code execution, sensitive information disclosure and/or denial of service.
Description
QNAP QTS, QuTS hero and QuTS cloud are operating systems used in QNAP storage environments, while QVP is used in QVR Pro appliances.
Multiple vulnerabilities exist in affected QNAP products due to URL injection, command injection, stack overflow, stack manipulation, stack-based buffer overflow, broken access control, NULL pointer dereference and uncontrolled resource consumption issues. An attacker could exploit these vulnerabilities to modify password reset URLs and redirect users to attacker-controlled pages, execute arbitrary system commands, access sensitive files, perform unauthorized actions, trigger memory corruption, crash affected services, or consume excessive system resources.
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary system commands, access sensitive files, steal user credentials, perform unauthorized actions, or cause a denial-of-service condition on the targeted system.
Solution
Apply appropriate updates as mentioned by the vendor:
https://www.qnap.com/en/security-advisory/qsa-26-10
Vendor Information
QNAP NAS
https://www.qnap.com/
References
https://www.qnap.com/en/security-advisory/qsa-26-10
CVE Name
CVE-2025-59382
CVE-2025-66273
CVE-2025-66279
CVE-2026-22893
CVE-2025-62858
CVE-2025-66280
CVE-2025-68405
CVE-2026-26239
CVE-2026-26240
CVE-2026-26241
CVE-2026-24724
CVE-2026-22899
CVE-2026-24720
CVE-2025-66281
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax: 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003


