CNNVD-202508-3514 Information

CNNVD ID

CNNVD-202508-3514

Related CVE

CVE-2025-33037

• CNNVD Published: 2025-08-29

Description (Chinese)

QNAP Qsync Central是中国台湾威联通科技（QNAP）公司的一个 NAS 上基于云的文件同步服务。 QNAP Qsync Central 4.5.0.7版本之前版本存在路径遍历漏洞，该漏洞源于容易受到路径遍历攻击，可能导致读取意外文件或系统数据。

Description (English)

QNAP Qsync Central is a cloud-based document synchronization service on the NAS of Taiwan Universal Technologies (QNAP). The previous version of QNAP Qsync Central 4.5.0.7 had a loophole, which stemmed from the vulnerability of the path to attack and could lead to the reading of unexpected files or system data.

Hazard Level

Medium

Vulnerability Type

路径遍历

Affected Vendor

威联通科技

Published

2025-08-29

Last Modified

2026-02-24

References

https://www.qnap.com/en/security-advisory/qsa-25-22 https://access.redhat.com/security/cve/cve-2025-33037 https://nvd.nist.gov/vuln/detail/CVE-2025-33037

Patch

https://www.qnap.com/en/security-advisory/qsa-25-22