Path Traversal Vulnerability in License Center by QNAP
CVE-2025-62851

4.6MEDIUM

Key Information:

Vendor

QNAP

Vendor
CVE Published:
10 June 2026

What is CVE-2025-62851?

A path traversal vulnerability in License Center allows a local attacker with admin privileges to access and read sensitive files and system data not intended for general access. This can lead to unauthorized information disclosure, affecting the integrity of the system. The issue has been addressed in License Center version 1.9.56 and higher, making it essential for users to update their software to mitigate potential risks.

Affected Version(s)

License Center 1.9.0 < 1.9.56

References

CVSS V4

Score:
4.6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

coral
.