CVE-2025-52867
MEDIUM WAF: Medium
CVSS 6.5
Published: 2025-10-03
CWE-400
An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.2 ( 2025/07/31 ) and later
WAF Coverage Analysis
Uncontrolled Resource Consumption
Medium WAF Coverage
OWASP: A05:2021 Security Misconfiguration
912xxx - DOS Protection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| qnap | qsync_central | 5.0.0.0 - 5.0.0.2 |
References
- www.qnap.com (Vendor Advisory)