CVE-2025-52856Improper Authentication in Systems INC Viostor

CWE-287Improper Authentication3 documents3 sources
Severity
9.3CRITICALNVD
EPSS
0.3%
top 47.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Qnap Systems INC ViostorQnap QVR
Timeline
PublishedAug 29

Description

An improper authentication vulnerability has been reported to affect VioStor. If a remote attacker, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: VioStor 5.1.6 build 20250621 and later

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5qnap_systems_inc/viostor5.1.05.1.6 build 20250621
NVDqnap/qvr5.1.05.1.6+1

🔴Vulnerability Details

2
CVEList
VioStor2025-08-29
GHSA
GHSA-fjh8-m5r5-9wrm: An improper authentication vulnerability has been reported to affect VioStor2025-08-29
CVE-2025-52856 — Improper Authentication | cvebase