PT-2024-34179 · Qnap · Qsync Central
C411E
·
Published
2024-12-06
·
Updated
2025-12-10
·
CVE-2024-50404
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Qsync Central versions prior to 4.4.0.16
Description:
A link following vulnerability has been reported to affect Qsync Central, allowing remote attackers who have gained user access to traverse the file system to unintended locations.
Recommendations:
For versions prior to 4.4.0.16, update to Qsync Central 4.4.0.16 20240819 or later to resolve the issue.
Fix
Link Following
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Qsync Central