License Center
CVE-2025-52871
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
An out-of-bounds read vulnerability has been reported to affect License Center. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data.
We have already fixed the vulnerability in the following version: License Center 2.0.36 and later
AnalysisAI
An out-of-bounds read vulnerability has been reported to affect License Center. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. [CVSS 6.5 MEDIUM]
Technical ContextAI
Classified as CWE-125 (Out-of-bounds Read). Affects License Center. An out-of-bounds read vulnerability has been reported to affect License Center. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data.
We have already fixed the vulnerability in the following version: License Center 2.0.36 and later
RemediationAI
Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.
More in License Center
View allA command injection vulnerability has been reported to affect License Center. Rated high severity (CVSS 7.7), this vulne
Path traversal in QNAP License Center (versions 1.9.0 through 1.9.55) permits a high-privileged attacker with an adminis
A buffer overflow vulnerability has been reported to affect License Center. If a remote attacker gains an administrator
A cross-site scripting (XSS) vulnerability has been reported to affect License Center. If exploited, the vulnerability c
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. Rated hig
Same weakness CWE-125 – Out-of-bounds Read
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today