CVE-2025-57714NVD

Vulnerability Summary

An unquoted search path or element vulnerability has been reported to affect NetBak Replicator. If a local attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands.

We have already fixed the vulnerability in the following version:
NetBak Replicator 4.5.15.0807 and later

Severity Level

HIGH(8.5)

Published Date

Oct 3, 2025

Last Modified

Oct 3, 2025

Exploitation Status

????

EPSS Score (30-Day)

Data Pending

Root Weakness (CWE)

CWE-428: Unknown/Unlisted Weakness ↗

Refer to the official MITRE database for detailed architectural specifications regarding this weakness.

CVSS v4.0 Base Metrics

Attack VectorLocal

Attack ComplexityLow

Privileges RequiredLow

User InteractionNone

External References

https://www.qnap.com/en/security-advisory/qsa-25-39

Critical Alert 1 Active Exploit Detected Today

CVE Watchtower

CVE-2025-57714NVD

Vulnerability Summary

External References