CVE-2025-58469 | THREATINT

Description

A cross-site request forgery (CSRF) vulnerability has been reported to affect QuLog Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: QuLog Center 1.8.2.927 ( 2025/09/17 ) and later

PUBLISHED Reserved 2025-09-03 | Published 2025-11-07 | Updated 2025-11-07 | Assigner qnap

LOW: 1.2CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U

Problem types

CWE-352

Product status

Default status

unaffected

1.8.x.x (custom) before 1.8.2.927 ( 2025/09/17 )

affected

Credits

Tim Coen finder

References

www.qnap.com/en/security-advisory/qsa-25-42

cve.org (CVE-2025-58469)

nvd.nist.gov (CVE-2025-58469)

Download JSON