Remote Code Execution Vulnerability in QNAP NAS Products
CVE-2025-59382
Key Information:
Badges
What is CVE-2025-59382?
A remote code execution vulnerability has been identified in select QNAP NAS products. This issue could potentially allow attackers to execute arbitrary code on affected systems, posing a significant risk to data integrity and system functionality. QNAP has released patches to address this vulnerability in specific versions, ensuring enhanced security for users. It is highly recommended for users to update their devices to the latest firmware to mitigate possible exploits.
Affected Version(s)
QTS ?
QuTS hero ?
QuTScloud c5.0.0
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved