Описание
A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory.
We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.6 ( 2025/03/20 ) and later
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 4.5.0.3 (включая) до 4.5.0.6 (исключая)
cpe:2.3:a:qnap:qsync_central:*:*:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00046
Низкий
8.1 High
CVSS3
Дефекты
CWE-134
Связанные уязвимости
github
8 месяцев назад
A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.6 ( 2025/03/20 ) and later
EPSS
Процентиль: 14%
0.00046
Низкий
8.1 High
CVSS3
Дефекты
CWE-134