CVE-2025-66276

Analyzed Analyzed - Analysis Complete

Remote Code Execution in QTS hero

Publication date: 2026-06-10

Last updated on: 2026-06-12

Assigner: QNAP Systems, Inc.

Description

QuTS hero is not affected. We have already fixed the vulnerability in the following version: QTS 5.2.7.3256 build 20250913 and later

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-06-10

Last Modified

2026-06-12

Generated

2026-06-30

AI Q&A

2026-06-10

EPSS Evaluated

2026-06-29

NVD

CVE-2025-66276

EUVD

EUVD-2025-210094

Affected Vendors & Products

Vendor	Product	Version / Range
qnap	qts	From 4.3.0 (inc) to 5.2.7.3256 (exc)

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-UNKNOWN

Attack-Flow Graph

Compliance Impact

The vulnerability in legacy QTS versions related to misconfigured NFS settings could allow unauthorized access, which may lead to non-compliance with common standards and regulations such as GDPR and HIPAA that require strict access controls and protection of sensitive data.

Mitigating this vulnerability by updating to QTS 5.2.7.3256 or later and strengthening NFS access controls helps maintain compliance by reducing the risk of unauthorized data access.

Executive Summary

CVE-2025-66276 is a vulnerability found in legacy QTS versions (4.3.x) when the NFS (Network File System) service is enabled. Due to misconfigured NFS settings, attackers could exploit this vulnerability to perform unauthorized actions and potentially gain access to the system.

The vulnerability has been fixed in QTS version 5.2.7.3256 build 20250913 and later.

Impact Analysis

This vulnerability could allow attackers to perform unauthorized actions on affected systems, potentially gaining access due to misconfigured NFS settings. This could lead to unauthorized data access or manipulation.

To mitigate the risk, it is recommended to update to QTS 5.2.7.3256 or later and strengthen NFS access control by reviewing and adjusting permission settings for shared folders, restricting access to specific IP addresses or domain names, and selecting stricter squash options for user privileges.

Detection Guidance

This vulnerability affects legacy QTS versions (4.3.x) when the NFS service is enabled. To detect if your system is vulnerable, you should check if your QTS version is older than 5.2.7.3256 and if the NFS service is running.

Check the QTS version on your device to see if it is older than 5.2.7.3256.
Verify if the NFS service is enabled on your system.
Review NFS shared folder permissions and access controls for misconfigurations.

While specific commands are not provided in the advisory, typical commands to check NFS status and version on a QNAP system might include checking the system firmware version via the QTS interface or command line, and using commands like `showmount -e <server_ip>` to list NFS exports or `systemctl status nfs-server` to check NFS service status if accessible.

Mitigation Strategies

To mitigate this vulnerability immediately, you should update your QTS system to version 5.2.7.3256 build 20250913 or later, where the issue has been fixed.

Additionally, strengthen NFS access control by reviewing and adjusting permission settings for shared folders.

Restrict NFS access to specific IP addresses or domain names.
Select stricter squash options for user privileges to limit unauthorized access.

Following the step-by-step instructions provided in the QNAP security advisory for updating QTS and configuring NFS access controls is recommended to enhance security.

Hi! I’m here to help you understand CVE-2025-66276. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70