CVE-2025-54152

Medium

A use of out-of-range pointer offset vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account,…

qnap·CWE-823·Published 2026-02-11

CVSS

6.5

EPSS

0.00

KEV

Exploits

cve.orgen

328 chars

A use of out-of-range pointer offset vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read sensitive portions of memory. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

NVDen

328 chars

NVDes

367 chars

Se ha informado que una vulnerabilidad de uso de desplazamiento de puntero fuera de rango afecta a Qsync Central. Si un atacante remoto obtiene una cuenta de usuario, puede entonces explotar la vulnerabilidad para leer porciones sensibles de la memoria. Ya hemos corregido la vulnerabilidad en la siguiente versión: Qsync Central 5.0.0.4 ( 2026/01/20 ) y posteriores

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4.0	Primary	cve.org	1.3	—	—	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U