Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-59386

Опубликовано: 11 фев. 2026
Источник: nvd
CVSS3: 4.9
EPSS Низкий

Описание

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.

We have already fixed the vulnerability in the following version: QuTS hero h5.3.2.3354 build 20251225 and later

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:qnap:quts_hero:h5.3.0.3115:build_20250430:*:*:*:*:*:*
cpe:2.3:o:qnap:quts_hero:h5.3.0.3145:build_20250530:*:*:*:*:*:*
cpe:2.3:o:qnap:quts_hero:h5.3.0.3192:build_20250716:*:*:*:*:*:*
cpe:2.3:o:qnap:quts_hero:h5.3.1.3250:build_20250912:*:*:*:*:*:*
cpe:2.3:o:qnap:quts_hero:h5.3.1.3292:build_20251024:*:*:*:*:*:*

EPSS

Процентиль: 34%
0.00139
Низкий

4.9 Medium

CVSS3

Дефекты

CWE-476

Связанные уязвимости

github логотип

GHSA-xmr6-mm5f-8mf2

CVSS3: 4.9
github
2 месяца назад

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: QuTS hero h5.3.2.3354 build 20251225 and later

EPSS

Процентиль: 34%
0.00139
Низкий

4.9 Medium

CVSS3

Дефекты

CWE-476