CVE-2025-59387

Vulnerability Description

An SQL injection vulnerability has been reported to affect MARS (Multi-Application Recovery Service). The remote attackers can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: MARS (Multi-Application Recovery Service) 1.2.1.1686 and later

Related Weaknesses (CWE)

CWE-89

References

https://www.qnap.com/en/security-advisory/qsa-25-53

FAQ

What is CVE-2025-59387?

CVE-2025-59387 is a documented vulnerability. An SQL injection vulnerability has been reported to affect MARS (Multi-Application Recovery Service). The remote attackers can then exploit the vulnerability to execute unauthorized code or commands. ...

How severe is CVE-2025-59387?

CVSS scoring is not yet available for CVE-2025-59387. Check NVD for updates.

Is there a patch for CVE-2025-59387?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.