CVE-2025-30270
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-29
Last updated on: 2025-09-22
Assigner: QNAP Systems, Inc.
Description
Description
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data.
We have already fixed the vulnerability in the following versions:
QTS 5.2.5.3145 build 20250526 and later
QuTS hero h5.2.5.3138 build 20250519 and later
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| qnap | qts | 5.2.0.2737 |
| qnap | qts | 5.2.0.2744 |
| qnap | qts | 5.2.0.2782 |
| qnap | qts | 5.2.0.2802 |
| qnap | qts | 5.2.0.2823 |
| qnap | qts | 5.2.0.2851 |
| qnap | qts | 5.2.0.2860 |
| qnap | qts | 5.2.1.2930 |
| qnap | qts | 5.2.2.2950 |
| qnap | qts | 5.2.3.3006 |
| qnap | qts | 5.2.4.3070 |
| qnap | qts | 5.2.4.3079 |
| qnap | qts | 5.2.4.3092 |
| qnap | quts_hero | h5.2.0.2737 |
| qnap | quts_hero | h5.2.0.2782 |
| qnap | quts_hero | h5.2.0.2789 |
| qnap | quts_hero | h5.2.0.2802 |
| qnap | quts_hero | h5.2.0.2823 |
| qnap | quts_hero | h5.2.0.2851 |
| qnap | quts_hero | h5.2.0.2860 |
| qnap | quts_hero | h5.2.1.2929 |
| qnap | quts_hero | h5.2.1.2940 |
| qnap | quts_hero | h5.2.2.2952 |
| qnap | quts_hero | h5.2.3.3006 |
| qnap | quts_hero | h5.2.4.3070 |
| qnap | quts_hero | h5.2.4.3079 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
