CVE-2025-53594
Published: Jan 2, 2026
Modified: Jan 2, 2026
Description
A path traversal vulnerability has been reported to affect several product versions. If a local attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: Qfinder Pro Mac 7.13.0 and later Qsync for Mac 5.1.5 and later QVPN Device Client for Mac 2.2.8 and later
| Vendor | Product | Versions |
|---|---|---|
QNAP Systems Inc. | Qfinder Pro Mac | affected 7.13.x - < 7.13.0 |
QNAP Systems Inc. | Qsync for Mac | affected 5.1.x - < 5.1.5 |
QNAP Systems Inc. | QVPN Device Client for Mac | affected 2.2.x - < 2.2.8 |
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now