CVE-2025-54150
MEDIUM WAF: Medium
CVSS 5.5
Published: 2026-02-11
CWE-400
An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If a local attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later
WAF Coverage Analysis
Uncontrolled Resource Consumption
Medium WAF Coverage
OWASP: A05:2021 Security Misconfiguration
912xxx - DOS Protection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| qnap | qsync_central | 5.0.0.0 - 5.0.0.4 |
References
- www.qnap.com (Vendor Advisory)