CNNVD-202601-716 Information
CNNVD ID
CNNVD-202601-716
Related CVE
- CNNVD Published: 2026-01-02
Description (Chinese)
QNAP Systems Qsync等都是中国威联通科技(QNAP Systems)公司的产品。QNAP Systems Qsync是一种文件同步服务,用于在 NAS 和其他设备之间同步文件和文件夹。QNAP Systems Qfinder Pro Mac是一个macOS的桌面助手软件。QNAP Systems QVPN Device Client是一个远程连接软件。 QNAP Systems多款产品存在安全漏洞,该漏洞源于路径遍历,可能导致读取意外文件或系统数据。以下产品受到影响:QNAP Qfinder Pro Mac、QNAP Qsync for Mac和QNAP QVPN Device Client for Mac。
Description (English)
QNAP Systems Qsync and others are products of QNAP Systems. QNAP Systems Qsync is a file synchronization service used to synchronize files and folders between NAS and other devices. QNAP Systems QFinder Pro Mac is a MacOS desktop assistant software. QNAP Systems QVPN Device Clinic is a remote connection software. There is a safety loophole in QNAP Systems multi-products, which stems from the routing, which may lead to the reading of unexpected files or system data. The following products were affected: QNAP Qfinder Pro Mac, QNAP Qsync for Mac and QNAP QVN Divice Clinic for Mac.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
威联通科技
Published
2026-01-02
Last Modified
2026-02-24
References
https://www.qnap.com/en/security-advisory/qsa-25-55 https://access.redhat.com/security/cve/cve-2025-53594
Patch
https://www.qnap.com/en/security-advisory/qsa-25-55
Share on: