PT-2026-1071 · Qnap · Qnap+1
Coral
·
Published
2026-01-02
·
Updated
2026-01-02
·
CVE-2025-47208
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
QNAP versions prior to 5.2.6.3195 build 20250715
QNAP QuTS hero versions prior to 5.2.6.3195 build 20250715
Description
A flaw exists where resources can be allocated without limits or throttling. If an attacker obtains a user account, they may be able to prevent other systems, applications, or processes from accessing the same type of resource.
Recommendations
Update QNAP to version 5.2.6.3195 build 20250715 or later.
Update QNAP QuTS hero to version 5.2.6.3195 build 20250715 or later.
Fix
Allocation of Resources Without Limits
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Qnap
Quts Hero