An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.
We have already fixed the vulnerability in the following version:
Qsync Central 5.0.0.1 ( 2025/07/09 ) and later
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.qnap.com/en/security-advisory/qsa-25-34 |
![]() ![]() |
History
Mon, 06 Oct 2025 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Qnap
Qnap qsync Qnap qsync Central |
|
Vendors & Products |
Qnap
Qnap qsync Qnap qsync Central |
Fri, 03 Oct 2025 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 03 Oct 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1 ( 2025/07/09 ) and later | |
Title | Qsync Central | |
Weaknesses | CWE-770 | |
References |
| |
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: qnap
Published: 2025-10-03T18:08:40.111Z
Updated: 2025-10-03T18:38:24.565Z
Reserved: 2025-04-15T15:14:26.907Z
Link: CVE-2025-33039

Updated: 2025-10-03T18:38:16.140Z

Status : Awaiting Analysis
Published: 2025-10-03T18:15:34.920
Modified: 2025-10-06T14:56:47.823
Link: CVE-2025-33039

No data.