Primary

Context

QNAP NetBak Replicator Unquoted Search Path Vulnerability Allowing Code Execution

Vulnerability

Patched

A vulnerability in QNAP NetBak Replicator versions 4.5.x has been identified, involving an unquoted search path or element. This vulnerability allows local attackers with user accounts to execute unauthorized code or commands. The issue has been resolved in NetBak Replicator version 4.5.15.0807 and later.

Impact

Exploitation of this vulnerability could lead to unauthorized code execution on the affected system.

Remediation

Users are advised to update to NetBak Replicator version 4.5.15.0807 or later. For the latest updates available for QNAP utilities, visit the QNAP Utilities page.

Added: Oct 3, 2025, 7:16 PM

Updated: Oct 3, 2025, 7:16 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

7.5

exploitability

3.3

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

7.5

exploitability

3.3

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

QNAP NetBak Replicator Unquoted Search Path Vulnerability Allowing Code Execution

Vulnerability

Impact

Remediation

Affected Products

QNAP NetBak Replicator

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating