216.73.217.64

CVE-2025-47205

· Published 11/02/2026 13:15 · Modified 11/02/2026 15:27

Labels: CVE-2025-47205 2026-02-11CVE-2025-47205CWE-476[email protected]

Essential information

Published
11/02/2026 13:15
Modified
11/02/2026 15:27
Author
Creator
CVSS
5.1 MEDIUM (v3) 5.1 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.8.3332 build 20251128 and later QuTS hero h5.2.8.3321 build 20251117 and later

NVD status

Status
Undergoing Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
qnap / qts cpe:2.3:a:qnap:qts:5.2.8.3332:*:*:*:*:*:*:*
qnap / quts hero cpe:2.3:a:qnap:quts_hero:5.2.8.3321:*:*:*:*:*:*:*

References