CVE-2025-30265

Published: Aug 29, 2025Modified: Jun 17, 2026

2.3

Vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: security@qnapsecurity.com.tw (Secondary)

Description

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later

Affected (26)

Products: Qnap: Qts, Quts Hero

Qnap

2 products

Qts

Quts Hero

Configuration A

13 vulnerable

Vulnerable Software	Affected Versions
Qnap Qts	Version 5.2.0.2737 build_20240417
Qnap Qts	Version 5.2.0.2744 build_20240424
Qnap Qts	Version 5.2.0.2782 build_20240601
Qnap Qts	Version 5.2.0.2802 build_20240620
Qnap Qts	Version 5.2.0.2823 build_20240711
Qnap Qts	Version 5.2.0.2851 build_20240808
Qnap Qts	Version 5.2.0.2860 build_20240817
Qnap Qts	Version 5.2.1.2930 build_20241025
Qnap Qts	Version 5.2.2.2950 build_20241114
Qnap Qts	Version 5.2.3.3006 build_20250108
Qnap Qts	Version 5.2.4.3070 build_20250312
Qnap Qts	Version 5.2.4.3079 build_20250321
Qnap Qts	Version 5.2.4.3092 build_20250403

Configuration B

13 vulnerable

Vulnerable Software	Affected Versions
Qnap Quts Hero	Version h5.2.0.2737 build_20240417
Qnap Quts Hero	Version h5.2.0.2782 build_20240601
Qnap Quts Hero	Version h5.2.0.2789 build_20240607
Qnap Quts Hero	Version h5.2.0.2802 build_20240620
Qnap Quts Hero	Version h5.2.0.2823 build_20240711
Qnap Quts Hero	Version h5.2.0.2851 build_20240808
Qnap Quts Hero	Version h5.2.0.2860 build_20240817
Qnap Quts Hero	Version h5.2.1.2929 build_20241025
Qnap Quts Hero	Version h5.2.1.2940 build_20241105
Qnap Quts Hero	Version h5.2.2.2952 build_20241116
Qnap Quts Hero	Version h5.2.3.3006 build_20250108
Qnap Quts Hero	Version h5.2.4.3070 build_20250312
Qnap Quts Hero	Version h5.2.4.3079 build_20250321

Related CWEs

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CWE-121

Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

References (1)

https://www.qnap.com/en/security-advisory/qsa-25-21

Source: security@qnapsecurity.com.tw

Vendor Advisory

Timeline

No history available yet.