Command Injection Vulnerability in QNAP Operating System
CVE-2025-66273
8.6HIGH
What is CVE-2025-66273?
A command injection vulnerability has been identified in multiple versions of the QNAP operating system. This flaw allows remote attackers with administrator access to execute arbitrary commands, potentially compromising the integrity of the system. It is crucial for users to upgrade to the patched versions to mitigate the risks associated with this security issue.
Affected Version(s)
QTS 5.2.0 < 5.2.9.3410 build 20260214
QuTS hero h5.2.0
QuTS hero h5.3.0