Qsync Central
CVE-2025-48723
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes.
We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later
AnalysisAI
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. [CVSS 8.1 HIGH]
Technical ContextAI
Classified as CWE-120 (Classic Buffer Overflow). Affects Qsync Central. A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes.
We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later
RemediationAI
Monitor vendor advisories for a patch. Enable ASLR, DEP/NX, and stack canaries where possible. Restrict network access to the affected service where possible.
More in Qsync Central
View allAn out-of-bounds write vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user accoun
An out-of-bounds write vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user accoun
An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, the
An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, the
SQL injection vulnerability in Qsync Central that allows authenticated remote attackers to execute arbitrary code or com
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, th
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, th
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, th
Format string vulnerability in QNAP Qsync Central that allows authenticated remote attackers to read sensitive data or m
A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If a remote attack
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, th
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, th
Same weakness CWE-120 – Classic Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today