
QNAP QTS EUVD-2025-210102

CVE-2025-66281 · MEDIUM
NULL Pointer Dereference (CWE-476)
2026-06-10 · qnap · GHSA-hjv6-9pr5-j6w8
6.9 (CVSS 4.0 · NVD)

Severity by source

NVD PRIMARY
6.9 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

Analysis Generated
Jun 10, 2026 - 06:26 vuln.today
Patch available
Jun 10, 2026 - 05:01 EUVD
CVSS changed
Jun 10, 2026 - 04:22 NVD
6.9 (MEDIUM)
CVE Published
Jun 10, 2026 - 03:06 nvd
UNKNOWN (no severity yet)

Description (NVD)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. Remote attackers can then exploit the vulnerability to launch a denial-of-service (DoS) attack.

We have already fixed the vulnerability in the following versions:
- QTS 5.2.9.3410 build 20260214 and later
- QuTS hero h5.2.9.3410 build 20260214 and later
- QuTS hero h5.3.4.3500 build 20260520 and later
- QuTS hero h6.0.0.3397 build 20260206 and later

Analysis (AI)

A NULL pointer dereference in the QNAP QTS and QuTS hero NAS operating systems allows remote, unauthenticated attackers to crash a network-facing service and cause a denial-of-service condition without any authentication or user interaction. Multiple active OS branches are affected (QTS 5.2.x and QuTS hero h5.2.x through h6.0.x) across a device population that is historically internet-exposed and frequently targeted. No public exploit has been identified and this vulnerability is not listed in CISA KEV, but the zero-authentication, network-accessible attack surface means DoS attempts are trivially repeatable against unpatched devices.

Technical Context (AI)

CWE-476 (NULL Pointer Dereference) describes a class of memory-safety defect in which code dereferences a pointer that has not been validated as non-null, typically causing an immediate process crash (or a kernel panic when the defect is in kernel code). QNAP QTS is a Linux-based NAS operating system used across QNAP's consumer and SMB storage product lines; QuTS hero is a variant that uses a ZFS-based storage layer rather than the traditional ext4 stack of QTS. Both are confirmed affected per the CPE strings cpe:2.3:a:qnap_systems_inc.:qts:*:*:*:*:*:*:*:* and cpe:2.3:a:qnap_systems_inc.:quts_hero:*:*:*:*:*:*:*:*. The advisory does not disclose which specific daemon, API handler, or protocol triggers the null dereference; it states only that the flaw is reachable over the network without authentication, implying it resides in a network-facing service such as the web management interface or a storage/file-sharing protocol handler.
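To make the CWE-476 pattern concrete, the following is an added illustration and not QNAP code (the advisory does not disclose the affected daemon or its input format). It models a minimal request handler for a constructed "METHOD /path" line: parse_request legitimately returns NULL on malformed input, the unchecked handler dereferences that result and would take the whole service down on one bad line, and the checked handler turns the same input into a per-request error so the service keeps running. All names and the request format are assumptions made for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define METHOD_MAX 8   /* room for a short method token plus the NUL terminator */

/* Constructed model of a parsed network request (not QNAP's data structure). */
struct request {
    char method[METHOD_MAX];
    const char *path;   /* points into the caller's raw buffer */
};

/* Parse "METHOD /path" from one raw line received from the network.
 * Returns NULL for a malformed line (no space, empty method, method too long),
 * which is exactly the value an untrusted client can force at will. */
struct request *parse_request(const char *raw) {
    if (raw == NULL) return NULL;
    const char *sp = strchr(raw, ' ');
    if (sp == NULL || sp == raw || (size_t)(sp - raw) >= METHOD_MAX) return NULL;
    struct request *r = calloc(1, sizeof *r);   /* zeroed, so method stays NUL-terminated */
    if (r == NULL) return NULL;
    memcpy(r->method, raw, (size_t)(sp - raw));
    r->path = sp + 1;
    return r;
}

/* CWE-476 pattern: the parse result is used without a NULL check. One
 * malformed line from an unauthenticated client crashes the process, which
 * is the remote DoS outcome the advisory describes. Never call this with
 * malformed input; it is here only to show the defect next to the fix. */
size_t handle_request_unchecked(const char *raw) {
    struct request *r = parse_request(raw);
    size_t n = strlen(r->path);   /* dereferences NULL when parsing failed */
    free(r);
    return n;
}

/* Hardened form: a failed parse is a client error for this one request
 * (e.g. answer 400 and close that connection), not a reason to crash.
 * Returns the path length, or -1 on a malformed request. */
int handle_request_checked(const char *raw) {
    struct request *r = parse_request(raw);
    if (r == NULL) return -1;
    size_t n = strlen(r->path);
    free(r);
    return (int)n;
}

int main(void) {
    /* Constructed sample traffic: one well-formed and two malformed lines. */
    const char *lines[] = { "GET /index.html", "GET", "" };
    for (size_t i = 0; i < sizeof lines / sizeof lines[0]; i++) {
        int len = handle_request_checked(lines[i]);
        if (len < 0)
            printf("\"%s\": rejected as malformed, service keeps running\n", lines[i]);
        else
            printf("\"%s\": path length %d\n", lines[i], len);
    }
    /* handle_request_unchecked("GET") would segfault here instead of rejecting. */
    return 0;
}
```

The defensive point is that every function which can return NULL defines a contract, and every caller on a network-reachable path must honour it; compiling with -Wall and running the handler's test inputs under AddressSanitizer or a fuzzer surfaces the unchecked variant immediately, because the crash is deterministic rather than dependent on memory layout.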

Remediation (AI)

QNAP has released vendor-confirmed patches across all affected branches: upgrade QTS to 5.2.9.3410 build 20260214 or later; upgrade QuTS hero to h5.2.9.3410 build 20260214, h5.3.4.3500 build 20260520, or h6.0.0.3397 build 20260206 (or later) depending on the installed branch. Updates can be applied through Control Panel > System > Firmware Update within the QTS or QuTS hero interface, or via the myQNAPcloud update mechanism. The full vendor advisory with update links is at https://www.qnap.com/en/security-advisory/qsa-26-10. If immediate patching is not feasible, restrict network access to the NAS management interface by removing internet-facing exposure: disable UPnP port forwarding, disable myQNAPcloud direct connect, and apply firewall rules that limit access to the management ports (typically 8080/443) to trusted internal subnets only. This reduces the attack surface but will break remote access for legitimate users until the device is patched.


EUVD-2025-210102 vulnerability details – vuln.today
