Critical9.8QNAP
QuMagie: SQL injection vulnerability has been reported to affect QuMagie.
CVE-2025-52425 Published Nov 7, 2025Updated by vendor Jun 17, 2026
CVE-2025-52425
Affected products & platforms
QNAPUnclassified
Summary
An SQL injection vulnerability has been reported to affect QuMagie. A remote attacker can exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QuMagie 2.7.0 and later
Fixed versions
- QuMagie 2.6.x
Official advisory · high-confidence parse· fetched 3 hours ago·verify at source
Mitigation checklist
Recommended fix / mitigation
- Update the affected QNAP app / operating system to a fixed release: QuMagie 2.6.x.
Official advisory · high-confidence parse· fetched 3 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.