CVE-2025-53594

A path traversal vulnerability has been reported to affect several product versions. If a local attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: Qfinde...

CVE-2025-53594

CVE-2025-53594 is a path-traversal vulnerability affecting QNAP products. A local attacker who has a user account can exploit the issue to read contents of unexpected files or system data. The vulnerability is reported across Qfinder Pro Mac, Qsync for Mac, and QVPN Device Client for Mac, with fi...

CVE-2025-53594 Qfinder Pro, Qsync, QVPN

A path traversal vulnerability has been reported to affect several product versions. If a local attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: Qfinde...

CVE-2025-53594 Qfinder Pro, Qsync, QVPN

A path traversal vulnerability has been reported to affect several product versions. If a local attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: Qfinde...

PT-2026-1094

Name of the Vulnerable Software and Affected Versions Qfinder Pro Mac versions prior to 7.13.0 Qsync for Mac versions prior to 5.1.5 QVPN Device Client for Mac versions prior to 2.2.8 Description A path traversal issue exists that could allow a local attacker with a user account to read the...

QNAP Systems多款产品 安全漏洞

QNAP Systems Qsync and others are products of China Weilian Technology QNAP Systems.QNAP Systems Qsync is a file synchronization service for synchronizing files and folders between NAS and other devices.QNAP Systems Qfinder Pro Mac is a desktop assistant for macOS QNAP Systems QVPN Device Client ...

EUVD-2017-16638

Malware in sbrugna...

CVE-2024-53694

The CVE-2024-53694 issue is a TOCTOU race condition affecting QNAP products: QVPN Device Client for Mac, Qsync for Mac, and Qfinder Pro Mac. The vulnerability could allow local attackers with user access to access otherwise unauthorized resources. Mitigation/fix: patches are available in QVPN Dev...

CVE-2024-53694 QVPN Device Client, Qsync, Qfinder Pro

A time-of-check time-of-use TOCTOU race condition vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local attackers who have gained user access to gain access to otherwise unauthorized resources. We have already fixed the vulnerability...

CVE-2024-53694 QVPN Device Client, Qsync, Qfinder Pro

A time-of-check time-of-use TOCTOU race condition vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local attackers who have gained user access to gain access to otherwise unauthorized resources. We have already fixed the vulnerability...

QVPN Device Client、QNAP Systems Qsync和QNAP Systems Qfinder Pro 安全漏洞

QNAP Systems QVPN Device Client and others are products of China-based Weilian Technology QNAP Systems.QVPN Device Client is a client software program used to manage connections to VPN servers running on QNAP devices.QNAP Systems Qfinder Pro is a utility for quickly searching and managing a NAS...

QNAP Qfinder Pro Information Disclosure Vulnerability

QNAP Qfinder Pro is a suite of software from China Weilian QNAP Systems for quickly searching for QNAP NAS devices on your LAN. A security vulnerability exists in QNAP Qfinder Pro 6.1.0.0317 and earlier versions. An attacker could exploit the vulnerability to obtain sensitive information on a NAS...

CVE-2017-7633

QNAP Qfinder Pro 6.1.0.0317 and earlier may expose sensitive information contained in NAS devices. If exploited, this may allow attackers to further compromise the device...

Information disclosure

QNAP Qfinder Pro 6.1.0.0317 and earlier may expose sensitive information contained in NAS devices. If exploited, this may allow attackers to further compromise the device...

CVE-2017-7633

QNAP Qfinder Pro 6.1.0.0317 and earlier may expose sensitive information contained in NAS devices. If exploited, this may allow attackers to further compromise the device...

CVE-2017-7633

QNAP Qfinder Pro 6.1.0.0317 and earlier may expose sensitive information contained in NAS devices. If exploited, this may allow attackers to further compromise the device...

CVE-2017-7633

The CVE-2017-7633 entry concerns QNAP Qfinder Pro (version 6.1.0.0317 and earlier). The connected sources describe an information-disclosure vulnerability in Qfinder Pro that could allow an attacker to obtain sensitive information stored on NAS devices and potentially leverage that to further com...