CVE-2025-47210

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.2...

CVE-2025-54153 Qsync Central

An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.2 2025/07/31...

CVE-2025-53595

CVE-2025-53595 concerns QNAP Qsync Central. Multiple connected sources confirm an SQL injection vulnerability in Qsync Central caused by inadequate validation of externally supplied SQL statements, allowing a remote user with an account to potentially execute unauthorized code or commands. A fixe...

CVE-2025-53595 Qsync Central

An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.2 2025/07/31...

CVE-2025-53595 Qsync Central

An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.2 2025/07/31...

CVE-2025-52867 Qsync Central

An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Centra...

CVE-2025-47210

CVE-2025-47210 (QNAP Qsync Central) is a NULL pointer dereference vulnerability affecting Qsync Central versions prior to 5.0.0.2. A remote attacker who has a user account can trigger a DoS by exploiting the dereference flaw. The issue has been fixed in Qsync Central 5.0.0.2 (released 2025-07-31)...

EUVD-2025-32356

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We hav...

PT-2025-40585

Name of the Vulnerable Software and Affected Versions Qsync Central versions prior to 5.0.0.2 Description An uncontrolled resource consumption issue exists in Qsync Central. A remote attacker who obtains a user account can potentially launch a denial-of-service DoS attack. Recommendations Update ...

PT-2025-40553

Name of the Vulnerable Software and Affected Versions Qsync Central versions prior to 5.0.0.2 Description A flaw exists in Qsync Central that allows a remote attacker, having obtained a user account, to exhaust resources and potentially prevent other systems, applications, or processes from...