CNNVD-202602-1950 Information

CNNVD ID

CNNVD-202602-1950

Related CVE

CVE-2025-68406

• CNNVD Published: 2026-02-11

Description (Chinese)

QNAP Qsync Central是中国台湾威联通科技（QNAP）公司的一个 NAS 上基于云的文件同步服务。 QNAP Qsync Central 5.0.0.4之前版本存在路径遍历漏洞，该漏洞源于如果远程攻击者获取了用户帐户，可以读取意外文件或系统数据的内容。

Description (English)

QNAP Qsync Central is a cloud-based document synchronization service on the NAS of Taiwan Universal Technologies (QNAP). The previous version of QNAP Qsync Central 5.0.0.4 had a loophole in the path, which stemmed from the ability to read the contents of unexpected files or system data if remote assailants had access to user accounts.

Vulnerability Type

路径遍历

Affected Vendor

威联通科技

Published

2026-02-11

Last Modified

2026-02-24

References

https://www.qnap.com/en/security-advisory/qsa-26-02 https://access.redhat.com/security/cve/cve-2025-68406

Patch

https://www.qnap.com/en/security-advisory/qsa-26-02