安全ID : QSA-25-39
Vulnerability in NetBak Replicator
发布日期 : October 4, 2025
通用漏洞披露 : CVE-2025-57714
受影响产品: NetBak Replicator 4.5.x
严重程度
Important
状态
已解决
Summary
An unquoted search path or element vulnerability has been reported to affect NetBak Replicator. If a local attacker gains access to a user account, they can then exploit the vulnerability to execute unauthorized code or commands.
We have already fixed the vulnerability in the following version:
| Affected Product | Fixed Version |
| NetBak Replicator 4.5.x | NetBak Replicator 4.5.15.0807 and later |
Recommendation
To secure your device, we recommend regularly updating your QNAP utilities to the latest versions to benefit from vulnerability fixes. You can check the QNAP Utilities page to see the latest updates available to your device operating system.
附件
致谢: Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc.
修订历史:
V1.0 (October 4, 2025) - Published
