SQL Injection Vulnerability in Qsync Central by QNAP
CVE-2025-29893
7.5HIGH
What is CVE-2025-29893?
An SQL injection flaw has been identified in Qsync Central that allows remote attackers, upon obtaining a valid user account, to execute unauthorized commands or code. This vulnerability poses significant risks to data integrity and system security. Users are advised to update to Qsync Central version 4.5.0.7 or later to mitigate this vulnerability.
Affected Version(s)
Qsync Central 4.5.x.x < 4.5.0.7 ( 2025/04/23 )