CVE-2025-52426

CWE-476NULL Pointer DereferenceCWE-776XML Entity Expansion (Billion Laughs)4 documents4 sources
Severity
1.2LOW
EPSS
0.1%
top 65.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Qnap Systems Inc. QTSQnap Systems Inc. Quts HeroQnap QTS+1 more
Timeline
PublishedJan 2

Description

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Packages4 packages

CVEListV5qnap_systems_inc./quts_heroh5.2.xh5.2.7.3256 build 20250913+1
NVDqnap/quts_hero18 versions+17
CVEListV5qnap_systems_inc./qts5.2.x5.2.7.3256 build 20250913
NVDqnap/qts16 versions+15

🔴Vulnerability Details

2
GHSA
GHSA-h65r-fq24-hw5g: A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions2026-01-02
CVEList
QTS, QuTS hero2026-01-02

📋Vendor Advisories

1
Microsoft
libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.2024-02-13
CVE-2025-52426 (LOW CVSS 1.2) | A NULL pointer dereference vulnerab | cvebase.io