We have already fixed the vulnerability in the following version:
Qsync Central 4.5.0.7 ( 2025/04/23 ) and later
Metrics
Affected Vendors & Products
Solution
We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later
Workaround
No workaround given by the vendor.
Link | Providers |
---|---|
https://www.qnap.com/en/security-advisory/qsa-25-22 |
![]() ![]() |
Fri, 19 Sep 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Qnap
Qnap qsync Central |
|
CPEs | cpe:2.3:a:qnap:qsync_central:*:*:*:*:*:*:*:* | |
Vendors & Products |
Qnap
Qnap qsync Central |
|
Metrics |
cvssV3_1
|
Fri, 29 Aug 2025 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 29 Aug 2025 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An improper certificate validation vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later | |
Title | Qsync Central | |
Weaknesses | CWE-295 | |
References |
| |
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: qnap
Published:
Updated: 2025-08-29T18:22:18.446Z
Reserved: 2025-03-20T02:53:29.059Z
Link: CVE-2025-30278

Updated: 2025-08-29T18:17:00.553Z

Status : Analyzed
Published: 2025-08-29T18:15:40.630
Modified: 2025-09-19T17:04:36.080
Link: CVE-2025-30278

No data.

No data.