CVE-2025-52425— QuMagie

EPSS 0.11% · P29 Updated Nov 09, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-52425

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

QuMagie

Source: NVD (National Vulnerability Database)

Vulnerability Description

An SQL injection vulnerability has been reported to affect QuMagie. A remote attacker can exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QuMagie 2.7.0 and later

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

SQL命令中使用的特殊元素转义处理不恰当(SQL注入)

Source: NVD (National Vulnerability Database)

Vulnerability Title

QNAP Systems QuMagie SQL注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

QNAP Systems QuMagie是中国威联通科技（QNAP Systems）公司的一款 QTS 照片管理应用程序。 QNAP Systems QuMagie 2.6.x版本存在SQL注入漏洞，该漏洞源于容易受到SQL注入攻击，可能导致执行未授权代码或命令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
QNAP Systems Inc.	QuMagie	2.7.x ~ 2.7.0	-

II. Public POCs for CVE-2025-52425

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-52425

请登录查看更多情报信息。

https://nvd.nist.gov/vuln/detail/CVE-2025-52425

Same Patch Batch · QNAP Systems Inc. · 2025-11-07 · 17 CVEs total

CVE-2025-58469		QuLog Center
CVE-2025-58465		Download Station
CVE-2025-58464		QuMagie
CVE-2025-58463		Download Station
CVE-2025-57712		Qsync Central
CVE-2025-57706		File Station 5
CVE-2025-54168		QuLog Center
CVE-2025-54167		Notification Center
CVE-2025-53413		File Station 5
CVE-2025-53412		File Station 5
CVE-2025-53411		File Station 5
CVE-2025-53410		File Station 5
CVE-2025-53409		File Station 5
CVE-2025-53408		File Station 5
CVE-2025-52865		File Station 5
CVE-2025-47207		File Station 5

IV. Related Vulnerabilities

Same product: QuMagie

Same vendor: QNAP Systems Inc.

Same weakness: CWE-89

V. Comments for CVE-2025-52425

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-52425— QuMagie

I. Basic Information for CVE-2025-52425

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-52425

III. Intelligence Information for CVE-2025-52425

Same Patch Batch · QNAP Systems Inc. · 2025-11-07 · 17 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2025-52425

Leave a comment