QNAP NAS Multiple Vulnerabilities
Release Date: 5 Jan 2026
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in QNAP NAS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure and data manipulation on the targeted system.
Impact
- Denial of Service
- Information Disclosure
- Data Manipulation
System / Technologies affected
- QTS 5.2.x
- QuTS hero h5.2.x
- QuTS hero h5.3.x
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://www.qnap.com/en/security-advisory/qsa-25-50
- https://www.qnap.com/en/security-advisory/qsa-25-51
Vulnerability Identifier
- CVE-2025-9110
- CVE-2025-44013
- CVE-2025-47208
- CVE-2025-48721
- CVE-2025-52426
- CVE-2025-52430
- CVE-2025-52431
- CVE-2025-52863
- CVE-2025-52864
- CVE-2025-52872
- CVE-2025-53405
- CVE-2025-53414
- CVE-2025-53589
- CVE-2025-53590
- CVE-2025-53591
- CVE-2025-53592
- CVE-2025-53593
- CVE-2025-53596
- CVE-2025-54164
- CVE-2025-54165
- CVE-2025-54166
- CVE-2025-57705
- CVE-2025-59380
- CVE-2025-59381
- CVE-2025-62852
沒有留言:
發佈留言