216.73.217.64

CVE-2025-62858

· Published 09/06/2026 08:16 · Modified 09/06/2026 13:49

Labels: CVE-2025-62858 2026-06-09CVE-2025-62858CWE-121[email protected]

Essential information

Published
09/06/2026 08:16
Modified
09/06/2026 13:49
Author
Creator
CVSS
5.1 MEDIUM (v3) 5.1 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.9.3410 build 20260214 and later QuTS hero h5.2.9.3410 build 20260214 and later QuTS hero h5.3.4.3500 build 20260520 and later QuTS hero h6.0.0.3397 build 20260206 and later

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
qnap / qts cpe:2.3:o:qnap:qts:5.2.9.3410:*:*:*:*:*:*:*
qnap / quts hero cpe:2.3:o:qnap:quts_hero:h5.2.9.3410:*:*:*:*:*:*:*
qnap / quts hero cpe:2.3:o:qnap:quts_hero:h5.3.4.3500:*:*:*:*:*:*:*
qnap / quts hero cpe:2.3:o:qnap:quts_hero:h6.0.0.3397:*:*:*:*:*:*:*

References