CVE-2025-53594
A path traversal vulnerability has been reported to affect several product versions. If a local attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data.
We have already fixed the vulnerability in the following versions:
Qfinder Pro Mac 7.13.0 and later
Qsync for Mac 5.1.5 and later
QVPN Device Client for Mac 2.2.8 and later
We have already fixed the vulnerability in the following versions:
Qfinder Pro Mac 7.13.0 and later
Qsync for Mac 5.1.5 and later
QVPN Device Client for Mac 2.2.8 and later
Vendor
-
Product
-
CWE
Yayın Tarihi
2026-01-02 16:16:59
Güncelleme
2026-01-02 16:45:26
Source Identifier
security@qnapsecurity.com.tw
KEV Date Added
-