PT-2025-24293 · Qnap · Qsync Central
Izut
+1
·
Published
2025-06-06
·
Updated
2025-06-06
·
CVE-2025-22482
CVSS v3.1
8.1
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Qsync Central versions prior to 4.5.0.6
Description
A use of externally-controlled format string vulnerability has been reported. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory.
Recommendations
For versions prior to 4.5.0.6, update to Qsync Central version 4.5.0.6 or later to resolve the issue.
Fix
Use of Externally-Controlled Format String
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Qsync Central