Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-48727

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

Published

2025-10-03T19:15:44.577

Last Modified

2025-10-08T19:45:31.630

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.9 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-476
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System qnap qts 5.2.0.2737 Yes
Operating System qnap qts 5.2.0.2744 Yes
Operating System qnap qts 5.2.0.2782 Yes
Operating System qnap qts 5.2.0.2802 Yes
Operating System qnap qts 5.2.0.2823 Yes
Operating System qnap qts 5.2.0.2851 Yes
Operating System qnap qts 5.2.0.2860 Yes
Operating System qnap qts 5.2.1.2930 Yes
Operating System qnap qts 5.2.2.2950 Yes
Operating System qnap qts 5.2.3.3006 Yes
Operating System qnap qts 5.2.4.3070 Yes
Operating System qnap qts 5.2.4.3079 Yes
Operating System qnap qts 5.2.4.3092 Yes
Operating System qnap qts 5.2.5.3145 Yes
Operating System qnap quts_hero h5.2.0.2737 Yes
Operating System qnap quts_hero h5.2.0.2782 Yes
Operating System qnap quts_hero h5.2.0.2789 Yes
Operating System qnap quts_hero h5.2.0.2802 Yes
Operating System qnap quts_hero h5.2.0.2823 Yes
Operating System qnap quts_hero h5.2.0.2851 Yes
Operating System qnap quts_hero h5.2.0.2860 Yes
Operating System qnap quts_hero h5.2.1.2929 Yes
Operating System qnap quts_hero h5.2.1.2940 Yes
Operating System qnap quts_hero h5.2.2.2952 Yes
Operating System qnap quts_hero h5.2.3.3006 Yes
Operating System qnap quts_hero h5.2.4.3070 Yes
Operating System qnap quts_hero h5.2.4.3079 Yes
Operating System qnap quts_hero h5.2.5.3138 Yes
References