Cross-Site Request Forgery Vulnerability in QNAP Notification Center
CVE-2025-58468
5.1MEDIUM
What is CVE-2025-58468?
A cross-site request forgery (CSRF) vulnerability has been discovered in QNAP's Notification Center. This flaw allows remote attackers to perform unauthorized actions on behalf of authenticated users, potentially leading to privilege escalation or identity hijacking. To mitigate risks, users are advised to upgrade to Notification Center version 1.10.0.3291 or later, where this security issue has been resolved.
Affected Version(s)
Notification Center 1.10.0 < 1.10.0.3291