June 10, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Akira Ransomware – Active IOCs
June 8, 2025
Mirai Exploits Wazuh API Vulnerability in Latest Malware Campaign – Active IOCs
June 10, 2025
Akira Ransomware – Active IOCs
June 8, 2025
Mirai Exploits Wazuh API Vulnerability in Latest Malware Campaign – Active IOCs
June 10, 2025
Severity
High
Analysis Summary
CVE-2025-33035 CVSS:7.2
A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data.
CVE-2025-33031 CVSS:8.3
An improper certificate validation vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to compromise the security of the system.
CVE-2025-30279 CVSS:8.3
An improper certificate validation vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to compromise the security of the system.
CVE-2025-29892 CVSS:8.7
An SQL injection vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to execute unauthorized code or commands.
CVE-2025-29885 CVSS:8.3
An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system.
CVE-2025-29884 CVSS:8.3
An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system.
CVE-2025-29883 CVSS:8.3
An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system.
CVE-2025-29872 CVSS:7.1
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.
CVE-2025-22486 CVSS:7.1
An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system.
CVE-2025-22484 CVSS:7.1
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.
CVE-2025-22481 CVSS:8.7
A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to execute arbitrary commands.
Impact
- Gain Access
- Code Execution
- Data Manipulation
Indicators of Compromise
CVE
- CVE-2025-33035
- CVE-2025-33031
- CVE-2025-30279
- CVE-2025-29892
- CVE-2025-29885
- CVE-2025-29884
- CVE-2025-29883
- CVE-2025-29872
- CVE-2025-22486
- CVE-2025-22484
- CVE-2025-22481
Affected Vendors
QNAP
Affected Products
- QNAP File Station 5 5.5.6.4847
- QNAP Qsync Central 4.5.0.6
- QNAP File Station 5 5.5.6.4791
- QNAP QTS 5.2.4.3079
- QNAP QuTS hero h5.2.4.3079
Remediation
Refer to QNAP Security Advisory for patch, upgrade, or suggested workaround information.
