CVE-2025-54147 – A NULL pointer dereference vulnerability in Qsy... (How to Fix)

Q: What is the severity of CVE-2025-54147?

CVE-2025-54147 has a CVSS score of 6.5 (MEDIUM). A NULL pointer dereference vulnerability in Qsync Central allows authenticated remote attackers to cause denial-of-service conditions. This affects organizations using vulnerable versions of Qsync Central for file synchronization. Attackers need valid user credentials to exploit this vulnerability.

📋 TL;DR

A NULL pointer dereference vulnerability in Qsync Central allows authenticated remote attackers to cause denial-of-service conditions. This affects organizations using vulnerable versions of Qsync Central for file synchronization. Attackers need valid user credentials to exploit this vulnerability.

💻 Affected Systems

Products:

Qsync Central

Versions: All versions before 5.0.0.4 (2026/01/20)

Operating Systems: QNAP QTS operating system

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in default Qsync Central installations on affected QNAP devices.

📦 What is this software?

Qsync Central by Qnap

View all CVEs affecting Qsync Central →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete service disruption of Qsync Central, preventing file synchronization services and potentially affecting dependent business processes.

🟠

Likely Case

Temporary service interruption requiring manual restart of Qsync Central service, causing synchronization delays.

🟢

If Mitigated

Minimal impact with proper authentication controls and network segmentation limiting attack surface.

🌐 Internet-Facing: MEDIUM - Requires authentication but internet-facing instances are accessible to attackers with compromised credentials.

🏢 Internal Only: LOW - Internal-only deployments reduce exposure, though authenticated internal users could still exploit.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Requires authenticated access but exploitation appears straightforward once credentials are obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Qsync Central 5.0.0.4 (2026/01/20) and later

Vendor Advisory: https://www.qnap.com/en/security-advisory/qsa-26-02

Restart Required: Yes

Instructions:

1. Log into QNAP device admin interface. 2. Navigate to App Center. 3. Check for Qsync Central updates. 4. Install version 5.0.0.4 or later. 5. Restart Qsync Central service.

🔧 Temporary Workarounds

Network Access Restriction

all

Restrict network access to Qsync Central to trusted IP addresses only

Use QNAP firewall rules to limit access to specific IP ranges

Authentication Hardening

all

Implement strong password policies and multi-factor authentication

Configure strong password requirements in QNAP user management

🧯 If You Can't Patch

Isolate Qsync Central to internal network segments only
Implement strict access controls and monitor for suspicious authentication attempts

🔍 How to Verify

Check if Vulnerable:

Check Qsync Central version in QNAP App Center - versions before 5.0.0.4 are vulnerable

Check Version:

Check via QNAP web interface: App Center → Installed Apps → Qsync Central

Verify Fix Applied:

Confirm Qsync Central version is 5.0.0.4 or later in App Center

📡 Detection & Monitoring

Log Indicators:

Unexpected Qsync Central service crashes
Multiple failed authentication attempts followed by service disruption

Network Indicators:

Unusual authentication patterns to Qsync Central service
Traffic spikes followed by service unavailability

SIEM Query:

source="qnap" AND (process="Qsync Central" AND event="crash") OR (auth_failure AND destination_port=443)

📊 Metadata

CVE ID: CVE-2025-54147

CVSS v3 Score: 6.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-476

EPSS Score: 0.03% exploit probability (9.4th percentile)

Published: February 11, 2026

Last Updated: February 12, 2026

🔗 References

https://www.qnap.com/en/security-advisory/qsa-26-02 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-54147, you might also want to check these: