A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data.
We have already fixed the vulnerability in the following versions:
QTS 5.2.5.3145 build 20250526 and later
QuTS hero h5.2.5.3138 build 20250519 and later
                
            Metrics
Affected Vendors & Products
References
        | Link | Providers | 
|---|---|
| https://www.qnap.com/en/security-advisory/qsa-25-21 |     | 
History
                    Mon, 22 Sep 2025 16:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Qnap Qnap qts Qnap quts Hero | |
| CPEs | cpe:2.3:o:qnap:qts:5.2.0.2737:build_20240417:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.2.0.2744:build_20240424:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.2.0.2782:build_20240601:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.2.0.2802:build_20240620:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.2.0.2823:build_20240711:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.2.0.2851:build_20240808:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.2.0.2860:build_20240817:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.2.1.2930:build_20241025:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.2.2.2950:build_20241114:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.2.3.3006:build_20250108:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.2.4.3070:build_20250312:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.2.4.3079:build_20250321:*:*:*:*:*:* cpe:2.3:o:qnap:qts:5.2.4.3092:build_20250403:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.2.0.2737:build_20240417:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.2.0.2782:build_20240601:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.2.0.2789:build_20240607:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.2.0.2802:build_20240620:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.2.0.2823:build_20240711:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.2.0.2851:build_20240808:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.2.0.2860:build_20240817:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.2.1.2929:build_20241025:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.2.1.2940:build_20241105:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.2.2.2952:build_20241116:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.2.3.3006:build_20250108:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.2.4.3070:build_20250312:*:*:*:*:*:* cpe:2.3:o:qnap:quts_hero:h5.2.4.3079:build_20250321:*:*:*:*:*:* | |
| Vendors & Products | Qnap Qnap qts Qnap quts Hero | |
| Metrics | cvssV3_1 
 | 
Fri, 29 Aug 2025 19:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
Fri, 29 Aug 2025 17:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later | |
| Title | QTS, QuTS hero | |
| Weaknesses | CWE-22 | |
| References |  | |
| Metrics | cvssV4_0 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: qnap
Published: 2025-08-29T17:16:13.816Z
Updated: 2025-08-29T18:23:04.907Z
Reserved: 2025-03-20T02:53:29.058Z
Link: CVE-2025-30270
 Vulnrichment
                        Vulnrichment
                    Updated: 2025-08-29T18:17:47.398Z
 NVD
                        NVD
                    Status : Analyzed
Published: 2025-08-29T18:15:39.143
Modified: 2025-09-22T14:49:27.510
Link: CVE-2025-30270
 Redhat
                        Redhat
                    No data.