A use of out-of-range pointer offset vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account,…
qnap·CWE-823·Published 2026-02-11
A use of out-of-range pointer offset vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read sensitive portions of memory. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later
A use of out-of-range pointer offset vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read sensitive portions of memory. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later
Se ha informado que una vulnerabilidad de uso de desplazamiento de puntero fuera de rango afecta a Qsync Central. Si un atacante remoto obtiene una cuenta de usuario, puede entonces explotar la vulnerabilidad para leer porciones sensibles de la memoria. Ya hemos corregido la vulnerabilidad en la siguiente versión: Qsync Central 5.0.0.4 ( 2026/01/20 ) y posteriores
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 3.1 | Primary | NVD | 6.5 | 2.8 | 3.6 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| 4.0 | Primary | cve.org | 1.3 | — | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U |
| 4.0 | Secondary | NVD | 1.3 | — | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |