CVE-2026-44083

N/A

An authorization bypass through user-controlled key vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to gain unintended privileges. We hav...

Affects 0 products across 1 vendor.

CVSS v48.7
EPSS0.5%
Percentile37th
PatchUnknown
CWE Weakness Definitions
CWE-639: Authorization Bypass Through User-Controlled Key (IDOR)

Software uses a user-supplied key to access resources without verifying authorization for that specific resource.

◆ SAGE Intelligence — CITED Relevance Research Team

CVE-2026-44083 affects QNAP QuMagie, a photo management application running on QNAP NAS devices, due to an authorization bypass through a user-controlled key vulnerability. Remote attackers can exploit this flaw to gain unintended elevated privileges without proper authorization. While QuMagie is not a native ICS component, QNAP NAS devices are frequently deployed in OT environments for data historian storage, backup, and file sharing, making unauthorized privilege escalation a meaningful lateral movement risk.

Is this CVE in your environment?

BreachSpider monitors your ICS/OT environment for vulnerabilities like this one. No agents or network access required. Free to start.

Check My Environment →
Frequently Asked Questions
What is CVE-2026-44083?
CVE-2026-44083 affects QNAP QuMagie, a photo management application running on QNAP NAS devices, due to an authorization bypass through a user-controlled key vulnerability. Remote attackers can exploit this flaw to gain unintended elevated privileges without proper authorization. While QuMagie is not a native ICS component, QNAP NAS devices are frequently deployed in OT environments for data historian storage, backup, and file sharing, making unauthorized privilege escalation a meaningful latera
Is CVE-2026-44083 actively exploited?
No confirmed active exploitation of CVE-2026-44083 as of 2026-06-24.
How do I remediate CVE-2026-44083?
Update to QuMagie 2.9.1 or later. QuMagie 2.9.1 resolves an authorization bypass vulnerability (CWE-639) where remote attackers could supply a crafted user-controlled key to circumvent access controls and gain unintended privileges. The update enforces proper server-side authorization validation independent of client-supplied inputs. Advisory: https://www.qnap.com/en/security-advisory/qsa-25-26
What systems are affected by CVE-2026-44083?
CVE-2026-44083 affects: Qnap.
Vulnerability Details
CVE IDCVE-2026-44083
Published2026-06-09
Last Modified2026-06-09
ICS Relevance55%
Weakness (CWE)
SourceNVD
Official Description

An authorization bypass through user-controlled key vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to gain unintended privileges. We have already fixed the vulnerability in the following version: QuMagie 2.9.1 and later

Source: NIST NVD / MITRE CVE Database

Affected Products
VendorProductFixed Version
Qnap —
Remediation

Fixed Version: QuMagie 2.9.1

QuMagie 2.9.1 resolves an authorization bypass vulnerability (CWE-639) where remote attackers could supply a crafted user-controlled key to circumvent access controls and gain unintended privileges. The update enforces proper server-side authorization validation independent of client-supplied inputs.

View Vendor Advisory →
Threat Intelligence
● Threat Intelligence Validated: July 2026 | Threat Age: 33 Days
CISA KEVNot in KEV catalog
Public ExploitNot confirmed
PoC CodeNot confirmed
● Virtual Patch — CITED Relevance SAGE Engine LOW CONFIDENCE

Deploy WAF or reverse-proxy rules in front of QNAP management interfaces to block or alert on requests to /qumagie/ endpoints originating from untrusted or external network segments. At perimeter firewalls and OT DMZ enforcement points, deny all inbound connections to QNAP NAS management ports (80, 443, 8080) from any source outside designated admin workstation IP ranges. Enable rate limiting on authentication endpoints.

No reliable network detection signature exists for this vulnerability class — apply the compensating controls above and the vendor patch. SAGE only publishes a network rule when a concrete on-the-wire signature can be grounded in the advisory.

Virtual patch generated by CITED Relevance SAGE. Validate in isolated environment before production deployment. Compensating control only - does not replace vendor patch.

Related CVEs affecting Qnap
CVE-2017-7876 10.0 This command injection vulnerability in QTS allows attackers to run arbitrary... CVE-2024-32766 10.0 An OS command injection vulnerability has been reported to affect several QNA... CVE-2024-32764 9.9 A missing authentication for critical function vulnerability has been reporte... CVE-2017-17033 9.8 A buffer overflow vulnerability in password function in QNAP QTS version 4.2.... CVE-2017-17028 9.8 A buffer overflow vulnerability in external device function in QNAP QTS versi...
View all Qnap CVEs →

ICS/OT Vulnerability Intelligence for Your Environment

BreachSpider monitors 353,228 CVEs across ICS/OT vendors. SAGE-enriched alerts with virtual patches, NERC-CIP mapping, and PSIRT contacts delivered to your SIEM in minutes.

Join free →