PT-2026-1094 · Qnap · Qfinder Pro Mac+2

Michael Cowell

·

Publicado

2026-01-02

·

Atualizado

2026-01-02

·

CVE-2025-53594

CVSS v4.0

4.4

Média

VetorAV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
Name of the Vulnerable Software and Affected Versions Qfinder Pro Mac versions prior to 7.13.0 Qsync for Mac versions prior to 5.1.5 QVPN Device Client for Mac versions prior to 2.2.8
Description A path traversal issue exists that could allow a local attacker with a user account to read the contents of unexpected files or system data.
Recommendations Update Qfinder Pro Mac to version 7.13.0 or later. Update Qsync for Mac to version 5.1.5 or later. Update QVPN Device Client for Mac to version 2.2.8 or later.

Correção

Link Following

Path traversal

Time Of Check To Time Of Use

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-59CWE-22CWE-367

Identificadores relacionados

CVE-2025-53594

Produtos afetados

Qvpn Device Client For Mac
Qfinder Pro Mac
Qsync For Mac