cbcvebase.
CVE-2025-52861
published 2025-08-29

CVE-2025-52861: A path traversal vulnerability has been reported to affect VioStor. If a remote attacker gains an administrator account, they can then exploit the…

PriorityP339high7CVSS 4.0
AVNACLATNPRHUINVCNVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EPSS
0.60%
44.2th percentile
A path traversal vulnerability has been reported to affect VioStor. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: VioStor 5.1.6 build 20250621 and later

Affected

1 ranges
VendorProductVersion rangeFixed in
qnap_systems_incviostor>= 5.1.0 < 5.1.6 build 202506215.1.6 build 20250621
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.