CVE-2025-54153 | QNAP Qsync Central up to 5.0.0.1 sql injection (qsa-25-35)

October 3, 2025 Yanac

A vulnerability was found in QNAP Qsync Central up to 5.0.0.1 and classified as critical. The impacted element is an unknown function. Such manipulation leads to sql injection.

This vulnerability is referenced as CVE-2025-54153. It is possible to launch the attack remotely. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More