CNNVD-202601-729 Information

CNNVD ID

CNNVD-202601-729

Related CVE

CVE-2025-53591

• CNNVD Published: 2026-01-02

Description (Chinese)

QNAP Systems QTS和QNAP Systems QuTS hero都是中国台湾威联通科技（QNAP Systems）公司的一个具有数据存储与管理功能的软件。 QNAP Systems QTS和QNAP Systems QuTS hero存在格式化字符串错误漏洞，该漏洞源于使用外部控制的格式字符串，可能导致获取秘密数据或修改内存。

Description (English)

QNAP Systems QTS and QNAP Systems QTS Hero are both software with data storage and management functions at QNAP Systems. QNAP Systems QTS and QNAP Systems QTS QTS hero have a formatted string bug that originates from a format string using external control, which may lead to the acquisition of secret data or to the modification of memory.

Hazard Level

Critical

Vulnerability Type

格式化字符串错误

Affected Vendor

威联通科技

Published

2026-01-02

Last Modified

2026-02-24

References

https://www.qnap.com/en/security-advisory/qsa-25-50 https://access.redhat.com/security/cve/cve-2025-53591

Patch

https://www.qnap.com/en/security-advisory/qsa-25-50