CVE-2025-52432

03.10.2025, 19:15

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.

We have already fixed the vulnerability in the following versions:
QTS 5.2.6.3195 build 20250715 and later
and later
QuTS hero h5.2.6.3195 build 20250715 and later
QuTS hero h5.3.0.3192 build 20250716 and later

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4.9 MEDIUM	NETWORK	LOW	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
qnap	CNA	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 34%

Vendor	Product	Version
qnap	qts	5.2.0.2737:build_20240417
qnap	qts	5.2.0.2744:build_20240424
qnap	qts	5.2.0.2782:build_20240601
qnap	qts	5.2.0.2802:build_20240620
qnap	qts	5.2.0.2823:build_20240711
qnap	qts	5.2.0.2851:build_20240808
qnap	qts	5.2.0.2860:build_20240817
qnap	qts	5.2.1.2930:build_20241025
qnap	qts	5.2.2.2950:build_20241114
qnap	qts	5.2.3.3006:build_20250108
qnap	qts	5.2.4.3070:build_20250312
qnap	qts	5.2.4.3079:build_20250321
qnap	qts	5.2.4.3092:build_20250403
qnap	qts	5.2.5.3145:build_20250526

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-476 - NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

References

https://www.qnap.com/en/security-advisory/qsa-25-36