Impact
A path traversal flaw in QNAP's QTS and QuTS hero operating systems permits a remote attacker who holds administrator credentials to read files outside the intended directory. The weakness is classified as CWE-22. Exposed data may include confidential system files or configuration information, potentially enabling further compromise.
Affected Systems
QNAP Systems Inc.'s QTS and QuTS hero firmware are affected. QTS versions prior to 5.2.9.3492 build 20260507 and QuTS hero releases before h5.2.9.3499 build 20260514, h5.3.4.3500 build 20260520, or h6.0.0.3459 build 20260409 are vulnerable. Updating to the listed builds resolves the issue.
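The fixed builds above can be turned into an inventory check. The following Python is an added example, not code from QNAP or OpenCVE; the host names and installed versions are constructed, and matching each fixed build to its own major.minor branch is an assumption.

```python
import re

# Fixed builds exactly as listed in the advisory text above.
FIXED = {
    "QTS": ["5.2.9.3492 build 20260507"],
    "QuTS hero": [
        "h5.2.9.3499 build 20260514",
        "h5.3.4.3500 build 20260520",
        "h6.0.0.3459 build 20260409",
    ],
}
_VERSION = re.compile(r"^h?(\d+)\.(\d+)\.(\d+)\.(\d+)(?:\s+build\s+\d{8})?$", re.I)

def parse_version(text):
    """Return (major, minor, patch, build_number); the build date is not compared."""
    m = _VERSION.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    return tuple(int(g) for g in m.groups())

def assess(product, installed):
    """Classify one firmware string as 'vulnerable', 'fixed' or 'unknown'."""
    if product not in FIXED:
        return "unknown"
    have = parse_version(installed)
    fixes = sorted(parse_version(f) for f in FIXED[product])
    # Assumption: each fixed build covers its own major.minor branch.
    for fix in fixes:
        if have[:2] == fix[:2]:
            return "vulnerable" if have < fix else "fixed"
    # Branch not listed: older than every listed fix is unpatched; anything
    # else needs a manual check against the vendor advisory.
    return "vulnerable" if have < fixes[0] else "unknown"

# Constructed inventory (host names and installed versions are made up).
INVENTORY = [
    ("nas-01", "QTS", "5.2.8.3350 build 20260115"),
    ("nas-02", "QTS", "5.2.9.3492 build 20260507"),
    ("nas-03", "QuTS hero", "h5.3.4.3410 build 20260301"),
    ("nas-04", "QuTS hero", "h6.0.0.3459 build 20260409"),
    ("nas-05", "QuTS hero", "h5.1.5.2647 build 20240118"),
]

def triage(inventory):
    """Map each host to its status."""
    return {host: assess(product, version) for host, product, version in inventory}

if __name__ == "__main__":
    for host, status in triage(INVENTORY).items():
        print(f"{host}: {status}")
```

Devices reported as "unknown" run a branch the text above does not list and should be checked against the vendor advisory by hand.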
Risk and Exploitability
The CVSS score of 1.2 indicates low severity. The EPSS score of 0.00392 (<1%) indicates a very low probability of exploitation, and the flaw is not listed in CISA KEV, implying limited public exploitation. Exploitation requires obtaining administrative authentication first; an unauthenticated attacker cannot leverage the traversal directly.