CVE-2026-24717

Published: Jun 10, 2026Modified: Jun 12, 2026

5.1

Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: security@qnapsecurity.com.tw (Secondary)

Description

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: QTS 5.2.9.3492 build 20260507 and later QuTS hero h5.2.9.3499 build 20260514 and later QuTS hero h5.3.4.3500 build 20260520 and later QuTS hero h6.0.0.3459 build 20260409 and later

Affected (4)

Products: Qnap: Qts, Quts Hero

Qnap

2 products

Qts

Quts Hero

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Qnap Qts	From 5.2.0.2737 to 5.2.9.3492
Qnap Quts Hero	From h5.0.0 to h5.2.9.3499
Qnap Quts Hero	From h5.3.0.3115 to h5.3.4.3500
Qnap Quts Hero	From h6.0.0.3324 to h6.0.0.3459

Related CWEs

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References (1)

https://www.qnap.com/en/security-advisory/qsa-26-34

Source: security@qnapsecurity.com.tw

Broken Link

Timeline

No history available yet.