CVE-2025-52425 | QNAP QuMagie up to 2.6.x sql injection (qsa-25-33)

November 7, 2025 Yanac

A vulnerability, which was classified as critical, has been found in QNAP QuMagie up to 2.6.x. This vulnerability affects unknown code. Performing manipulation results in sql injection.

This vulnerability is identified as CVE-2025-52425. The attack can be initiated remotely. There is not any exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More

CVE-2025-52865 | QNAP File Station prior 5.5.6.5018 User Account null pointer dereference (qsa-25-38)
CVE-2025-47207 | QNAP File Station prior 5.5.6.5018 User Account null pointer dereference (qsa-25-38)