CVE-2025-52430

CVSS v3.1

4.9

Medium

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions QNAP QTS versions prior to 5.2.7.3256 build 20250913 QNAP QuTS hero h5.2.7 versions prior to 5.2.7.3256 build 20250913 QNAP QuTS hero h5.3.1 versions prior to 5.3.1.3250 build 20250912

Description A NULL pointer dereference issue exists in several QNAP operating system versions. An attacker gaining administrator access can exploit this to cause a denial-of-service (DoS) condition.

Recommendations Update QTS to version 5.2.7.3256 build 20250913 or later. Update QuTS hero h5.2.7 to version 5.2.7.3256 build 20250913 or later. Update QuTS hero h5.3.1 to version 5.3.1.3250 build 20250912 or later.

Fix

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

CVE-2025-52430

Affected Products

Qnap Qts

Qnap Quts Hero H5.2.7

Qnap Quts Hero H5.3.1

CVE-2025-52430

Weakness Enumeration

Related Identifiers

Affected Products

References · 6