Request a Demo
Rewterz
Akira Ransomware – Active IOCs
June 8, 2025
Rewterz
Mirai Botnet aka Katana – Active IOCs
June 9, 2025

Multiple QNAP Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-33035 CVSS:7.2

A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data.

CVE-2025-33031 CVSS:8.3

An improper certificate validation vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to compromise the security of the system.

CVE-2025-30279 CVSS:8.3

An improper certificate validation vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to compromise the security of the system.

CVE-2025-29892 CVSS:8.7

An SQL injection vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to execute unauthorized code or commands.

CVE-2025-29885 CVSS:8.3

An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system.

CVE-2025-29884 CVSS:8.3

An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system.

CVE-2025-29883 CVSS:8.3

An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system.

CVE-2025-29872 CVSS:7.1

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.

CVE-2025-22486 CVSS:7.1

An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system.

CVE-2025-22484 CVSS:7.1

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.

CVE-2025-22481 CVSS:8.7

A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to execute arbitrary commands.

Impact

  • Gain Access
  • Code Execution
  • Data Manipulation

Indicators of Compromise

CVE

  • CVE-2025-33035
  • CVE-2025-33031
  • CVE-2025-30279
  • CVE-2025-29892
  • CVE-2025-29885
  • CVE-2025-29884
  • CVE-2025-29883
  • CVE-2025-29872
  • CVE-2025-22486
  • CVE-2025-22484
  • CVE-2025-22481

Affected Vendors

QNAP

Affected Products

  • QNAP File Station 5 5.5.6.4847
  • QNAP Qsync Central 4.5.0.6
  • QNAP File Station 5 5.5.6.4791
  • QNAP QTS 5.2.4.3079
  • QNAP QuTS hero h5.2.4.3079

Remediation

Refer to QNAP Security Advisory for patch, upgrade, or suggested workaround information.

CVE-2025-33035

CVE-2025-33031

CVE-2025-30279

CVE-2025-29892

CVE-2025-29885

CVE-2025-29884

CVE-2025-29883

CVE-2025-29872

CVE-2025-22486

CVE-2025-22484

CVE-2025-22481