CNNVD-202510-406 Information
Oct 03, 2025
cve
CNNVD ID
CNNVD-202510-406
Related CVE
- CNNVD Published: 2025-10-03
Description (Chinese)
QNAP Qsync Central是中国台湾威联通科技(QNAP)公司的一个 NAS 上基于云的文件同步服务。 QNAP Qsync Central 5.0.0.2之前版本存在SQL注入漏洞,该漏洞源于SQL注入,可能导致执行未授权代码或命令。
Description (English)
QNAP Qsync Central is a cloud-based document synchronization service on the NAS of Taiwan Universal Technologies (QNAP). The pre-QNAP Qsync Central 5.2.0 contains an injection loophole of SQL, which originates from an injection of SQL and may lead to the performance of unauthorized codes or commands.
Hazard Level
Medium
Vulnerability Type
SQL注入
Affected Vendor
威联通科技
Published
2025-10-03
Last Modified
2026-02-24
References
https://www.qnap.com/en/security-advisory/qsa-25-35
Patch
https://www.qnap.com/en/security-advisory/qsa-25-35
Share on: