Vulnerabilites related to QNAP Systems Inc. - Qsync Central
CVE-2025-29892 (GCVE-0-2025-29892)
Vulnerability from cvelistv5
Published
2025-06-06 15:53
Modified
2025-06-06 16:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
An SQL injection vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to execute unauthorized code or commands.
We have already fixed the vulnerability in the following version:
Qsync Central 4.5.0.6 ( 2025/03/20 ) and later
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| QNAP Systems Inc. | Qsync Central |
Version: 4.5.x.x < 4.5.0.6 ( 2025/03/20 ) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-29892",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-06T16:19:10.451170Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-06T16:35:18.667Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Qsync Central",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "4.5.0.6 ( 2025/03/20 )",
"status": "affected",
"version": "4.5.x.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "coral"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An SQL injection vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to execute unauthorized code or commands.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eQsync Central 4.5.0.6 ( 2025/03/20 ) and later\u003cbr\u003e"
}
],
"value": "An SQL injection vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to execute unauthorized code or commands.\n\nWe have already fixed the vulnerability in the following version:\nQsync Central 4.5.0.6 ( 2025/03/20 ) and later"
}
],
"impacts": [
{
"capecId": "CAPEC-108",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-108"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-06T15:53:58.034Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-25-10"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eQsync Central 4.5.0.6 ( 2025/03/20 ) and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nQsync Central 4.5.0.6 ( 2025/03/20 ) and later"
}
],
"source": {
"advisory": "QSA-25-10",
"discovery": "EXTERNAL"
},
"title": "Qsync Central",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2025-29892",
"datePublished": "2025-06-06T15:53:58.034Z",
"dateReserved": "2025-03-12T08:51:05.985Z",
"dateUpdated": "2025-06-06T16:35:18.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22482 (GCVE-0-2025-22482)
Vulnerability from cvelistv5
Published
2025-06-06 15:53
Modified
2025-06-06 16:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory.
We have already fixed the vulnerability in the following version:
Qsync Central 4.5.0.6 ( 2025/03/20 ) and later
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| QNAP Systems Inc. | Qsync Central |
Version: 4.5.x.x < 4.5.0.6 ( 2025/03/20 ) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22482",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-06T16:19:15.429870Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-06T16:35:24.146Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Qsync Central",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "4.5.0.6 ( 2025/03/20 )",
"status": "affected",
"version": "4.5.x.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Searat and izut"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eQsync Central 4.5.0.6 ( 2025/03/20 ) and later\u003cbr\u003e"
}
],
"value": "A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory.\n\nWe have already fixed the vulnerability in the following version:\nQsync Central 4.5.0.6 ( 2025/03/20 ) and later"
}
],
"impacts": [
{
"capecId": "CAPEC-135",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-135"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.3,
"baseSeverity": "LOW",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-134",
"description": "CWE-134",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-06T15:53:28.822Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-25-10"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eQsync Central 4.5.0.6 ( 2025/03/20 ) and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nQsync Central 4.5.0.6 ( 2025/03/20 ) and later"
}
],
"source": {
"advisory": "QSA-25-10",
"discovery": "EXTERNAL"
},
"title": "Qsync Central",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2025-22482",
"datePublished": "2025-06-06T15:53:28.822Z",
"dateReserved": "2025-01-07T06:55:33.249Z",
"dateUpdated": "2025-06-06T16:35:24.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-47564 (GCVE-0-2023-47564)
Vulnerability from cvelistv5
Published
2024-02-02 16:05
Modified
2024-08-29 19:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network.
We have already fixed the vulnerability in the following versions:
Qsync Central 4.4.0.15 ( 2024/01/04 ) and later
Qsync Central 4.3.0.11 ( 2024/01/11 ) and later
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| QNAP Systems Inc. | Qsync Central |
Version: 4.4.x.x < 4.4.0.15 ( 2024/01/04 ) Version: 4.3.x.x < 4.3.0.11 ( 2024/01/11 ) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:09:37.410Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-24-03"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:qnap:qsync_central:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "qsync_central",
"vendor": "qnap",
"versions": [
{
"lessThan": "4.4.0.15",
"status": "affected",
"version": "4.4.0.0",
"versionType": "custom"
},
{
"lessThan": "4.3.0.11",
"status": "affected",
"version": "4.3.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-47564",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T15:30:29.966841Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T19:48:47.318Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Qsync Central",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "4.4.0.15 ( 2024/01/04 )",
"status": "affected",
"version": "4.4.x.x",
"versionType": "custom"
},
{
"lessThan": "4.3.0.11 ( 2024/01/11 )",
"status": "affected",
"version": "4.3.x.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "c411e"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQsync Central 4.4.0.15 ( 2024/01/04 ) and later\u003cbr\u003eQsync Central 4.3.0.11 ( 2024/01/11 ) and later\u003cbr\u003e"
}
],
"value": "An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQsync Central 4.4.0.15 ( 2024/01/04 ) and later\nQsync Central 4.3.0.11 ( 2024/01/11 ) and later\n"
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-02T16:05:54.662Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-24-03"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQsync Central 4.4.0.15 ( 2024/01/04 ) and later\u003cbr\u003eQsync Central 4.3.0.11 ( 2024/01/11 ) and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following versions:\nQsync Central 4.4.0.15 ( 2024/01/04 ) and later\nQsync Central 4.3.0.11 ( 2024/01/11 ) and later\n"
}
],
"source": {
"advisory": "QSA-24-03",
"discovery": "EXTERNAL"
},
"title": "Qsync Central",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2023-47564",
"datePublished": "2024-02-02T16:05:54.662Z",
"dateReserved": "2023-11-06T14:11:12.322Z",
"dateUpdated": "2024-08-29T19:48:47.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-50404 (GCVE-0-2024-50404)
Vulnerability from cvelistv5
Published
2024-12-06 16:35
Modified
2024-12-06 19:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A link following vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations.
We have already fixed the vulnerability in the following versions:
Qsync Central 4.4.0.16_20240819 ( 2024/08/19 ) and later
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| QNAP Systems Inc. | Qsync Central |
Version: 4.4.x.x < 4.4.0.16_20240819 ( 2024/08/19 ) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50404",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-06T19:28:28.876559Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T19:28:37.668Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Qsync Central",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "4.4.0.16_20240819 ( 2024/08/19 )",
"status": "affected",
"version": "4.4.x.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "c411e"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A link following vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following versions:\u003cbr\u003eQsync Central 4.4.0.16_20240819 ( 2024/08/19 ) and later\u003cbr\u003e"
}
],
"value": "A link following vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations.\n\nWe have already fixed the vulnerability in the following versions:\nQsync Central 4.4.0.16_20240819 ( 2024/08/19 ) and later"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T16:35:52.266Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-24-48"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following versions:\u003cbr\u003eQsync Central 4.4.0.16_20240819 ( 2024/08/19 ) and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following versions:\nQsync Central 4.4.0.16_20240819 ( 2024/08/19 ) and later"
}
],
"source": {
"advisory": "QSA-24-48",
"discovery": "EXTERNAL"
},
"title": "Qsync Central",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2024-50404",
"datePublished": "2024-12-06T16:35:52.266Z",
"dateReserved": "2024-10-24T03:45:32.283Z",
"dateUpdated": "2024-12-06T19:28:37.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}