We have already fixed the vulnerability in the following version:
Qsync Central 5.0.0.1 ( 2025/07/09 ) and later
Metrics
Affected Vendors & Products
Solution
We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1 ( 2025/07/09 ) and later
Workaround
No workaround given by the vendor.
Link | Providers |
---|---|
https://www.qnap.com/en/security-advisory/qsa-25-34 |
![]() ![]() |
Fri, 03 Oct 2025 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 03 Oct 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1 ( 2025/07/09 ) and later | |
Title | Qsync Central | |
Weaknesses | CWE-770 | |
References |
| |
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: qnap
Published:
Updated: 2025-10-03T18:39:08.950Z
Reserved: 2025-04-15T15:14:26.907Z
Link: CVE-2025-33040

Updated: 2025-10-03T18:39:04.027Z

Status : Received
Published: 2025-10-03T18:15:35.067
Modified: 2025-10-03T18:15:35.067
Link: CVE-2025-33040

No data.

No data.