We have already fixed the vulnerability in the following version:
Qsync Central 4.5.0.6 ( 2025/03/20 ) and later
Metrics
Affected Vendors & Products
Solution
We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.6 ( 2025/03/20 ) and later
Workaround
No workaround given by the vendor.
Link | Providers |
---|---|
https://www.qnap.com/en/security-advisory/qsa-25-10 |
![]() ![]() |
Mon, 22 Sep 2025 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Qnap
Qnap qsync Central |
|
CPEs | cpe:2.3:a:qnap:qsync_central:*:*:*:*:*:*:*:* | |
Vendors & Products |
Qnap
Qnap qsync Central |
|
Metrics |
cvssV3_1
|
Fri, 06 Jun 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 06 Jun 2025 16:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.6 ( 2025/03/20 ) and later | |
Title | Qsync Central | |
Weaknesses | CWE-134 | |
References |
| |
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: qnap
Published:
Updated: 2025-06-06T16:35:24.146Z
Reserved: 2025-01-07T06:55:33.249Z
Link: CVE-2025-22482

Updated: 2025-06-06T16:19:16.854Z

Status : Analyzed
Published: 2025-06-06T16:15:24.023
Modified: 2025-09-20T03:33:58.337
Link: CVE-2025-22482

No data.

No data.