Qnap: Update closes some high-risk gaps in QTS and QuTS hero
Updates for the QTS and QuTS hero firmware of Qnap devices close security vulnerabilities, some of them classified as high-risk.
Updated versions of the QTS and QuTS-hero firmware of Qnap devices plug security leaks, some of which have been classified as high risk. Attackers can misuse them to execute arbitrary commands or for denial-of-service attacks.
Over the weekend, Qnap reported a total of eleven vulnerabilities that the firmware updates patch. The most serious is a command injection vulnerability. If attackers gain remote access to an account, they can execute arbitrary commands (CVE-2025-30264, CVSS 7.7, risk "high"). After logging in, malicious actors from the network can also exploit another vulnerability to write outside designated memory areas and thus modify or disrupt memory (CVE-2025-30273, CVSS 7.1, risk "high").
The updates also patch other vulnerabilities, but these are only considered medium or low risk. A NULL pointer dereference can trigger a denial of service (DoS) (CVE-2025-29882). A buffer overflow can lead to modification of memory areas (CVE-2025-30265). Further NULL pointer dereferences can lead to DoS (CVE-2025-30267, CVE-2025-30268, CVE-2025-30272, CVE-2025-30274), and path traversal vulnerabilities allow read access to unexpected files or system data (CVE-2025-30270, CVE-2025-30271, CVE-2025-33032).
Updates already available
QTS 5.2.x and QuTS hero h5.2.x are affected. The good news is that firmware updates closing the vulnerabilities now reported have already been available for months: QTS 5.2.5.3145 build 20250526 and QuTS hero h5.2.5.3138 build 20250519, and newer versions in each case, correct the security-relevant errors.
Admins should check their Qnap device to see if the update has already been installed. After logging into the user interface as an administrator, this can be done via "Control Panel" – "System" – "Firmware Update". Under "Live Update", click on "Check for Update" to download and install the latest firmware version.
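For admins with more than one device, the same check can be run over an inventory of firmware strings. The following Python sketch is an added example, not code from Qnap or heise; it assumes the strings have the form used in this article ("5.2.5.3145 build 20250526", with an "h" prefix for QuTS hero), and the host names and older version strings in the sample are constructed.

```python
import re

# Fixed releases named in the article: product -> (version, build date).
FIXED = {
    "QTS": ((5, 2, 5, 3145), 20250526),
    "QuTS hero": ((5, 2, 5, 3138), 20250519),
}
AFFECTED_BRANCH = (5, 2)  # the article lists QTS 5.2.x and QuTS hero h5.2.x

_FW_RE = re.compile(r"^(h?)(\d+(?:\.\d+){2,3})(?:\s+build\s+(\d{8}))?$", re.I)


def parse_firmware(text):
    """Split '5.2.5.3145 build 20250526' into (product, version, build)."""
    m = _FW_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised firmware string: {text!r}")
    product = "QuTS hero" if m.group(1) else "QTS"
    version = tuple(int(part) for part in m.group(2).split("."))
    build = int(m.group(3)) if m.group(3) else None
    return product, version, build


def assess(text):
    """Return 'patched', 'vulnerable', 'not-covered' or 'unknown'."""
    product, version, build = parse_firmware(text)
    fixed_version, fixed_build = FIXED[product]
    if version[:2] < AFFECTED_BRANCH:
        return "not-covered"  # older branches are not discussed in the article
    reference = fixed_version[: len(version)]
    if version != reference:
        return "patched" if version > reference else "vulnerable"
    if build is None:
        return "unknown"  # same version number, build date needed to decide
    return "patched" if build >= fixed_build else "vulnerable"


if __name__ == "__main__":
    # Constructed inventory: host names and the older version strings are made up.
    inventory = {
        "nas-office": "5.2.5.3145 build 20250526",
        "nas-backup": "5.2.4.3079 build 20250321",
        "nas-lab": "h5.2.5.3138 build 20250501",
        "nas-archive": "5.1.8.2823 build 20240712",
    }
    for host, firmware in inventory.items():
        print(f"{host:12} {firmware:28} {assess(firmware)}")
```

Devices reported as "not-covered" run a branch this article does not discuss and need to be checked against Qnap's own advisories.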
In the middle of last week, Qnap had already closed high-risk security gaps in File Station 5 with software updates.
(dmk)