CSRF in Qnap Qulog_center
CVE-2025-58469
A cross-site request forgery (CSRF) vulnerability has been reported to affect QuLog Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in t…
Vulnerability class: CSRF (Cross-Site Request Forgery)
EPSS: 0.002 (11.5th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.
Affected products
- Qnap Qulog_center
- Qnap Systems Inc. Qulog Center — versions 1.8.x.x
Weakness classification (CWE)
References
- security@qnapsecurity.com.tw (Vendor Advisory)
Frequently asked questions
- What is CVE-2025-58469?
- CVE-2025-58469 is a high-severity vulnerability in Qnap Qulog_center, classified under Cross-Site Request Forgery (CSRF). CVSS score: 8.8/10. Published 2025-11-07.
- How severe is CVE-2025-58469?
- High severity. CVSS v3 base score is 8.8 out of 10.