CVE-2025-59382 | QNAP QTS/QuTS hero/QuTScloud external control of assumed-immutable web parameter (qsa-26-10)

A vulnerability was found in QNAP QTS, QuTS hero and QuTScloud and classified as problematic. The affected element is an unknown function. Executing a manipulation can lead to external control of assumed-immutable web parameter.

The identification of this vulnerability is CVE-2025-59382. The attack may be launched remotely. There is no exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More