10 matches found
CVE-2025-33037
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central...
CVE-2025-33033
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central...
CVE-2025-29898
An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Centra...
CVE-2025-29893
An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 2025/04/23...
CVE-2025-29894
An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 2025/04/23...
CVE-2025-33038 Qsync Central
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central...
CVE-2025-33037 Qsync Central
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central...
CVE-2025-30275 Qsync Central
A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7...
CVE-2025-30275
CVE-2025-30275 – QNAP Qsync Central : A NULL pointer dereference vulnerability in Qsync Central could be triggered by an attacker who already has a user account, enabling a denial-of-service (DoS). Affected product: Qsync Central (version(s) prior to 4.5.0.7). Root cause: NULL pointer dereference...
PT-2025-35284
Name of the Vulnerable Software and Affected Versions: Qsync Central versions prior to 4.5.0.7 Description: An improper certificate validation issue exists in Qsync Central. A remote attacker gaining a user account can compromise system security. Recommendations: Update to Qsync Central version...