Vulnerability Details CVE-2025-33034
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data.
We have already fixed the vulnerability in the following version:
Qsync Central 5.0.0.1 ( 2025/07/09 ) and later
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.8%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2025-33034
-
cpe:2.3:a:qnap:qsync_central:4.2.0.0
-
cpe:2.3:a:qnap:qsync_central:4.2.0.1
-
cpe:2.3:a:qnap:qsync_central:4.3.0.0
-
cpe:2.3:a:qnap:qsync_central:4.3.0.1
-
cpe:2.3:a:qnap:qsync_central:4.3.0.10
-
cpe:2.3:a:qnap:qsync_central:4.3.0.11
-
cpe:2.3:a:qnap:qsync_central:4.3.0.3
-
cpe:2.3:a:qnap:qsync_central:4.3.0.4
-
cpe:2.3:a:qnap:qsync_central:4.3.0.5
-
cpe:2.3:a:qnap:qsync_central:4.3.0.6
-
cpe:2.3:a:qnap:qsync_central:4.3.0.7
-
cpe:2.3:a:qnap:qsync_central:4.4.0.10
-
cpe:2.3:a:qnap:qsync_central:4.4.0.12
-
cpe:2.3:a:qnap:qsync_central:4.4.0.13
-
cpe:2.3:a:qnap:qsync_central:4.4.0.14
-
cpe:2.3:a:qnap:qsync_central:4.4.0.15
-
cpe:2.3:a:qnap:qsync_central:4.4.0.16
-
cpe:2.3:a:qnap:qsync_central:4.4.0.2
-
cpe:2.3:a:qnap:qsync_central:4.4.0.3
-
cpe:2.3:a:qnap:qsync_central:4.4.0.4
-
cpe:2.3:a:qnap:qsync_central:4.4.0.5
-
cpe:2.3:a:qnap:qsync_central:4.4.0.6
-
cpe:2.3:a:qnap:qsync_central:4.4.0.7
-
cpe:2.3:a:qnap:qsync_central:4.4.0.8
-
cpe:2.3:a:qnap:qsync_central:4.4.0.9
-
cpe:2.3:a:qnap:qsync_central:4.5.0.3
-
cpe:2.3:a:qnap:qsync_central:4.5.0.4
-
cpe:2.3:a:qnap:qsync_central:4.5.0.5
-
cpe:2.3:a:qnap:qsync_central:4.5.0.6
-
cpe:2.3:a:qnap:qsync_central:4.5.0.7
-
cpe:2.3:a:qnap:qsync_central:4.6.0.2
-
cpe:2.3:a:qnap:qsync_central:5.0.0.0