What is CVE-2025-52426?

CVE-2025-52426 is a publicly disclosed cybersecurity vulnerability with a LOW severity rating and CVSS score of 1.2.

How to search for CVE vulnerabilities?

You can search the 4nuxd CVE database using CVE IDs, vendor names, product names, or severity levels.

CVE-2025-52426

LOW1.2/ 10.0

Published: January 2, 2026 at 03:16 PM

Modified: January 5, 2026 at 08:22 PM

Source: security@qnapsecurity.com.tw

Vulnerability Description

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later

CVSS Metrics

Base Score

1.2

Severity

LOW

Vector String

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Weaknesses (CWE)

CWE-476

Source: security@qnapsecurity.com.tw

AI Security Analysis

01 // Technical Summary

QNAP NAS devices are vulnerable to a denial-of-service (DoS) attack due to a NULL pointer dereference. An attacker with administrator privileges can trigger this vulnerability, potentially rendering the device unusable and disrupting critical services. Immediate patching is crucial to mitigate this risk.

02 // Vulnerability Mechanism

Step 1: Administrator Account Compromise: The attacker must first gain administrator-level access to the QNAP device. This could be achieved through various means, such as brute-forcing weak credentials, exploiting other vulnerabilities, or social engineering. Step 2: Triggering the Vulnerability: Once logged in as an administrator, the attacker executes a specific action or series of actions that trigger the vulnerable code path. The exact actions are not specified, but they lead to the NULL pointer being dereferenced. Step 3: NULL Pointer Dereference: The vulnerable code attempts to access memory using the NULL pointer, causing a system crash. Step 4: Denial of Service: The system crash results in a denial-of-service condition, making the QNAP device unavailable to legitimate users.

03 // Deep Technical Analysis

The vulnerability stems from a NULL pointer dereference within the QNAP operating system. The root cause likely lies in a function that accesses a pointer without proper validation. Specifically, a pointer is dereferenced without checking if it is NULL. When a specific condition is met, the pointer is NULL, and the dereference causes the system to crash, leading to a DoS condition. The exact function and the triggering condition are not explicitly stated in the provided information, but the vulnerability is triggered after an attacker gains administrator privileges. This suggests that the vulnerable code path is accessible only after authentication, potentially related to administrative tasks or services.