WID-SEC-W-2025-1272 — Vulnetix

WID-SEC-W-2025-1272 PUBLISHED CVSS 8.699999809265137 HIGH

QNAP ist ein Hersteller von NAS (Network Attached Storage) Lösungen.

Risk Scores

CVSS v4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
	QNAP NAS License Center <1.9.49
	QNAP NAS QuTS hero <h5.2.4.3079 build 20250321
	QNAP NAS QTS <5.2.4.3079 build 20250321
	QNAP NAS File Station 5.5.6.4791
	QNAP NAS QuTS hero h5.2.4.3079 build 20250321
	QNAP NAS QTS 5.2.4.3079 build 20250321
	QNAP NAS QuRouter <2.5.0.140
	QNAP NAS QES 2.2.1 build 20241231
	QNAP NAS File Station <5.5.6.4791
	QNAP NAS QuRouter 2.5.0.140
	QNAP NAS License Center 1.9.49
	QNAP NAS Qsync Central <4.5.0.6
	QNAP NAS File Station <5.5.6.4847
	QNAP NAS QES <2.2.1 build 20241231
	QNAP NAS File Station 5.5.6.4847
	QNAP NAS Qsync Central 4.5.0.6

Exploit Intelligence

https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1272.json (circl)
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1272 (circl)
https://www.qnap.com/go/security-advisory/QSA-25-09 (circl)
https://www.qnap.com/go/security-advisory/QSA-25-10 (circl)
https://www.qnap.com/go/security-advisory/QSA-25-11 (circl)
https://www.qnap.com/go/security-advisory/QSA-25-12 (circl)
https://www.qnap.com/go/security-advisory/QSA-25-15 (circl)
https://www.qnap.com/go/security-advisory/QSA-25-16 (circl)
https://www.qnap.com/go/security-advisory/QSA-25-17 (circl)
Minions.js (github-poc)

Timeline

Jun 9, 2025 CVE Published

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›