CVE-2025-66276
Remote Code Execution in QTS hero

Publication date: 2026-06-10

Last updated on: 2026-06-10

Assigner: QNAP Systems, Inc.

Description
QuTS hero is not affected. We have already fixed the vulnerability in the following version: QTS 5.2.7.3256 build 20250913 and later.
Affected Vendors & Products
Vendor Product Version / Range
qnap qts From 5.2.7.3256 (inc)
qnap qts to 5.2.0 (exc)
CWE ID Description
CWE-UNKNOWN
Compliance Impact

The vulnerability in legacy QTS versions, related to misconfigured NFS settings, could allow unauthorized access. That may put an organization out of compliance with standards and regulations such as GDPR and HIPAA, which require strict access controls and protection of sensitive data.

Mitigating this vulnerability by updating to QTS 5.2.7.3256 or later and strengthening NFS access controls helps maintain compliance by reducing the risk of unauthorized data access.

Executive Summary

CVE-2025-66276 is a vulnerability found in legacy QTS versions (4.3.x) when the NFS (Network File System) service is enabled. Due to misconfigured NFS settings, attackers could exploit this vulnerability to perform unauthorized actions and potentially gain access to the system.

The vulnerability has been fixed in QTS version 5.2.7.3256 build 20250913 and later.

Impact Analysis

Because of the misconfigured NFS settings, attackers could perform unauthorized actions on affected systems and potentially gain access to them, which could lead to unauthorized data access or manipulation.

To mitigate the risk, it is recommended to update to QTS 5.2.7.3256 or later and strengthen NFS access control by reviewing and adjusting permission settings for shared folders, restricting access to specific IP addresses or domain names, and selecting stricter squash options for user privileges.

Detection Guidance

This vulnerability affects legacy QTS versions (4.3.x) when the NFS service is enabled. To determine whether your system is vulnerable, check whether your QTS version is older than 5.2.7.3256 and whether the NFS service is running.

  • Check the QTS version on your device to see if it is older than 5.2.7.3256.
  • Verify if the NFS service is enabled on your system.
  • Review NFS shared folder permissions and access controls for misconfigurations.

The advisory does not provide specific commands. On a QNAP system, typical checks include reading the firmware version from the QTS interface or the command line, listing NFS exports with `showmount -e <server_ip>`, and, where the command is available, checking the NFS service with `systemctl status nfs-server`.

Mitigation Strategies

To mitigate this vulnerability immediately, you should update your QTS system to version 5.2.7.3256 build 20250913 or later, where the issue has been fixed.

Additionally, strengthen NFS access control by reviewing and adjusting permission settings for shared folders.

  • Restrict NFS access to specific IP addresses or domain names.
  • Select stricter squash options for user privileges to limit unauthorized access.

The QNAP security advisory provides step-by-step instructions for updating QTS and configuring NFS access controls; following them is recommended.
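A defender-side check for the detection and mitigation items above, added here as an example that is not from QNAP or the advisory: it compares a reported QTS version with the fixed release and audits exports(5)-style NFS share definitions for the two weaknesses the mitigation names, clients that are not restricted to specific addresses or domain names, and exports that do not squash root. The sample export lines are constructed, and treating the NAS's NFS configuration as exports(5) syntax is an assumption.

```python
import re

# Fixed release named in the advisory; older builds are in scope for the check.
FIXED_QTS = "5.2.7.3256"

# Client specifications that place no restriction on who may mount the export.
UNRESTRICTED_CLIENTS = {"", "*", "0.0.0.0/0", "::/0"}

# Constructed sample in exports(5) syntax; assumed, not taken from a real device.
SAMPLE_EXPORTS = """\
"/share/CACHEDEV1_DATA/Public" *(rw,async,no_subtree_check,insecure,no_root_squash)
"/share/CACHEDEV1_DATA/Backup" 192.168.10.0/24(rw,sync,root_squash) bak.example.internal(ro,all_squash)
"""


def version_tuple(text):
    """Extract the dotted version from strings like 'QTS 5.2.7.3256 build 20250913'."""
    m = re.search(r"\d+(?:\.\d+)*", text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    return tuple(int(p) for p in m.group(0).split("."))


def qts_is_older_than_fix(version_text):
    """True when the reported QTS build predates the fixed release."""
    return version_tuple(version_text) < version_tuple(FIXED_QTS)


def audit_export_line(line):
    """Return findings for one exports line: '/path client(opts) client(opts) ...'."""
    line = line.split("#", 1)[0].strip()
    if not line:
        return []
    m = re.match(r'^(?:"([^"]+)"|(\S+))\s*(.*)$', line)
    path = m.group(1) or m.group(2)
    findings = []
    # Each client is either 'spec(opt,opt)' or a bare 'spec' using default options.
    for spec, opts, bare in re.findall(r"(\S*?)\(([^)]*)\)|(\S+)", m.group(3)):
        client = bare or spec
        options = set(opts.split(",")) if opts else set()
        if client in UNRESTRICTED_CLIENTS:
            findings.append(f"{path}: mountable by any host ({client or 'empty spec'}); "
                            "restrict to specific IP addresses or domain names")
        if "no_root_squash" in options:
            findings.append(f"{path}: no_root_squash for {client or 'any host'}; "
                            "use root_squash or all_squash")
    return findings


def audit_exports(text):
    """Audit a whole exports file and return all findings in order."""
    return [f for line in text.splitlines() for f in audit_export_line(line)]
```

Run `audit_exports` over the contents of the device's exports file and `qts_is_older_than_fix` over the firmware version string shown in the QTS interface; an empty findings list and a False result mean both checks passed.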
