ZDI-26-243: (Pwn2Own) QNAP TS-453E write_file_to_svr External Control of File Path Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP TS-453E devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The ZDI has assigned a CVSS rating of 6.8. The following CVEs are assigned: CVE-2025-62842.

Source link

What's Hot

CVE-2026-5847 | THREATINT

I Wish I Didn’t Care About ‘Marathon’ Player Numbers, But I Do

The Dream Job That Became a Nightmare: How Fake Job Offer Scams Are Targeting Desperate Workers

CVE-2026-5847 | THREATINT

Apache ActiveMQ security advisory (AV26-330)

ZDI-26-230: Apple macOS CoreMedia Framework Out-Of-Bounds Write Remote Code Execution Vulnerability

Global Takedown of Massive IoT Botnets Halts Record-Breaking Cyberattacks

Catchy & Intriguing

The Grandparent Scam: How AI Voice Technology Makes This Old Con Deadlier Than Ever

Pico 4 Review: Should You Actually Buy One Instead Of Quest 2?

A Review of the Venus Optics Argus 18mm f/0.95 MFT APO Lens

DJI Avata Review: Immersive FPV Flying For Drone Enthusiasts

Most Popular

Global Takedown of Massive IoT Botnets Halts Record-Breaking Cyberattacks

Catchy & Intriguing

The Grandparent Scam: How AI Voice Technology Makes This Old Con Deadlier Than Ever

Our Picks

CVE-2026-5847 | THREATINT

I Wish I Didn’t Care About ‘Marathon’ Player Numbers, But I Do

The Dream Job That Became a Nightmare: How Fake Job Offer Scams Are Targeting Desperate Workers

Subscribe to Updates

What's Hot

ZDI-26-243: (Pwn2Own) QNAP TS-453E write_file_to_svr External Control of File Path Remote Code Execution Vulnerability

Related Posts

Subscribe to Updates