NULL Pointer Dereference Vulnerability in QNAP Operating System
CVE-2025-62850

5.1MEDIUM

Key Information:

Vendor

QNAP

Status
Vendor
CVE Published:
10 June 2026

What is CVE-2025-62850?

A NULL pointer dereference vulnerability has been identified in several versions of the QNAP operating system. This flaw allows an attacker with administrator access to potentially exploit the vulnerability, leading to a denial-of-service (DoS) condition. It’s crucial for users operating affected versions to apply updates promptly to mitigate the risk of exploitation.

Affected Version(s)

QuTS hero h5.2.0

QuTS hero h5.3.0

QuTS hero ?

References

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

coral
.