CVE-2025-58469Cross-Site Request Forgery in Systems INC Qulog Center

CWE-352Cross-Site Request Forgery3 documents3 sources
Severity
1.2LOWNVD
EPSS
0.0%
top 87.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Qnap Systems INC Qulog CenterQnap Qulog Center
Timeline
PublishedNov 7

Description

A cross-site request forgery (CSRF) vulnerability has been reported to affect QuLog Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: QuLog Center 1.8.2.927 ( 2025/09/17 ) and later

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

NVDqnap/qulog_center1.8.0.8721.8.2.923
CVEListV5qnap_systems_inc/qulog_center1.8.x.x1.8.2.927 ( 2025/09/17 )

🔴Vulnerability Details

2
CVEList
QuLog Center2025-11-07
GHSA
GHSA-rmvm-jpvw-wv6p: A cross-site request forgery (CSRF) vulnerability has been reported to affect QuLog Center2025-11-07
CVE-2025-58469 — Cross-Site Request Forgery | cvebase