CVE-2025-58470 – A path traversal vulnerability in Qsync Central... (How to Fix)

Q: What is the severity of CVE-2025-58470?

CVE-2025-58470 has a CVSS score of 6.5 (MEDIUM). A path traversal vulnerability in Qsync Central allows authenticated attackers to read arbitrary files on the system. This affects all Qsync Central installations before version 5.0.0.4. Attackers need valid user credentials to exploit this vulnerability.

📋 TL;DR

A path traversal vulnerability in Qsync Central allows authenticated attackers to read arbitrary files on the system. This affects all Qsync Central installations before version 5.0.0.4. Attackers need valid user credentials to exploit this vulnerability.

💻 Affected Systems

Products:

Qsync Central

Versions: All versions before 5.0.0.4

Operating Systems: QNAP QTS operating system

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in the default configuration of affected Qsync Central versions.

📦 What is this software?

Qsync Central by Qnap

View all CVEs affecting Qsync Central →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise through reading sensitive configuration files, credentials, or system data leading to privilege escalation or lateral movement.

🟠

Likely Case

Unauthorized access to sensitive files containing configuration data, user information, or application secrets.

🟢

If Mitigated

Limited file access within the application's intended directory scope if proper input validation is implemented.

🌐 Internet-Facing: MEDIUM - Requires authentication but could be exploited if exposed to internet with weak credentials.

🏢 Internal Only: MEDIUM - Internal attackers with valid credentials could access sensitive system files.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires valid user credentials but path traversal vulnerabilities are typically straightforward to exploit once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Qsync Central 5.0.0.4 (2026/01/20) and later

Vendor Advisory: https://www.qnap.com/en/security-advisory/qsa-26-02

Restart Required: Yes

Instructions:

1. Log into QNAP App Center. 2. Check for updates to Qsync Central. 3. Install version 5.0.0.4 or later. 4. Restart Qsync Central service.

🔧 Temporary Workarounds

Restrict User Access

all

Limit Qsync Central access to only trusted users with strong authentication requirements.

Network Segmentation

all

Isolate Qsync Central from sensitive systems and limit network access.

🧯 If You Can't Patch

Implement strict access controls and monitor for unusual file access patterns
Deploy network segmentation to limit potential lateral movement from compromised systems

🔍 How to Verify

Check if Vulnerable:

Check Qsync Central version in QNAP App Center or via SSH: cat /etc/config/uLinux.conf | grep qsync

Check Version:

cat /etc/config/uLinux.conf | grep 'qsync.*version'

Verify Fix Applied:

Verify Qsync Central version is 5.0.0.4 or later in App Center

📡 Detection & Monitoring

Log Indicators:

Unusual file access patterns in Qsync Central logs
Multiple failed authentication attempts followed by file access

Network Indicators:

Unusual outbound connections from Qsync Central server
Traffic patterns indicating file enumeration

SIEM Query:

source="qsync*" AND (event="file_access" OR event="directory_traversal")

📊 Metadata

CVE ID: CVE-2025-58470

CVSS v3 Score: 6.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-22

EPSS Score: 0.05% exploit probability (16.2th percentile)

Published: February 11, 2026

Last Updated: February 12, 2026

🔗 References

https://www.qnap.com/en/security-advisory/qsa-26-02 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-58470, you might also want to check these: