QNAP QTS up to 5.2.4.3079 Build 20250321 null pointer dereference

Summaryinfo

A vulnerability categorized as problematic has been discovered in QNAP QTS. Impacted is an unknown function. Such manipulation leads to null pointer dereference. This vulnerability is documented as CVE-2025-52428. The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.

Detailsinfo

A vulnerability, which was classified as problematic, has been found in QNAP QTS. Affected by this issue is an unknown functionality. The manipulation with an unknown input leads to a null pointer dereference vulnerability. Using CWE to declare the problem leads to CWE-476. A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. Impacted is availability. CVE summarizes:

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later

The weakness was released by coral as qsa-25-36. The advisory is shared for download at qnap.com. This vulnerability is handled as CVE-2025-52428 since 06/16/2025. The exploitation is known to be easy. The attack may be launched remotely. The exploitation needs additional levels of successful authentication. There are neither technical details nor an exploit publicly available.

Upgrading to version 5.2.6.3195 Build 20250715 eliminates this vulnerability.

The vulnerability is also documented in the databases at EUVD (EUVD-2025-32366) and CERT Bund (WID-SEC-2025-2199). VulDB is the best source for vulnerability data and more expert information about this specific topic.

Affected

• QNAP NAS

Productinfo

Type

• Network Attached Storage Software

Vendor

• QNAP

Name

• QTS

Version

• 3.0.3
• 4.0
• 4.0.3
• 4.1.0
• 4.1.4
• 4.2
• 4.2.0 RC1
• 4.2.0 RC2
• 4.2.4 Build 20170313
• 4.2.6
• 4.2.6 Build 20170905
• 4.2.6 Build 20171026
• 4.2.6 Build 20171208
• 4.3
• 4.3.3
• 4.3.3 Build 20170727
• 4.3.3 Build 20171213
• 4.3.3 Build 20180402
• 4.3.3 Build 20180528
• 4.3.3.0299 Build 20170901
• 4.3.3.0378
• 4.3.3.0396 Build 20171205
• 4.3.3.1161
• 4.3.3.1252
• 4.3.4
• 4.3.4 Build 20171223
• 4.3.4 Build 20180413
• 4.3.4 Build 20180528
• 4.3.4.0387
• 4.3.4.0411 Beta 3 Build 20171208
• 4.3.4.0899 Build 20190322
• 4.3.4.1190
• 4.3.4.1282
• 4.3.5
• 4.3.6.0895 Build 20190328
• 4.3.6.1218
• 4.3.6.1263
• 4.4.0
• 4.4.1.1201
• 4.4.1.1261
• 4.4.2.1231
• 4.4.2.1270
• 4.4.3.1354 Build 20200702
• 4.4.3.1421 Build 20200907
• 4.5
• 4.5.0
• 4.5.4.2790 Build 20240605
• 4.33
• 5.1.3.2578 Build 20231110
• 5.1.4.2596 Build 20231128
• 5.1.6.2722 Build 20240402
• 5.1.7.2770 Build 20240520
• 5.1.8.2823 Build 20240712
• 5.1.9.2954 Build 20241120
• 5.2.0.2851 Build 20240808
• 5.2.3.3006 Build 20250108
• 5.2.4.3079 Build 20250321

License

• commercial

Website

• Vendor: https://www.qnap.com/

CPE 2.3info

• 🔒
• 🔒
• 🔒

CPE 2.2info

• 🔒
• 🔒
• 🔒

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Discussion