QTS, QuTS hero, QuTScloud are not affected.
We have already fixed the vulnerability in the following version:
CVSS
No CVSS.
References
| Link | Resource |
|---|---|
| https://www.qnap.com/en/security-advisory/qsa-26-10 |
Configurations
No configuration.
History
10 Jun 2026, 03:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-06-10 03:16
Updated : 2026-06-10 03:16
NVD link : CVE-2025-59382
Mitre link : CVE-2025-59382
CVE.ORG link : CVE-2025-59382
JSON object : View
Products Affected
No product.
CWE
CWE-472
External Control of Assumed-Immutable Web Parameter