CVE-2025-63685

Published: Nov 20, 2025

Modified: Nov 21, 2025

PUBLISHED

Description

Quark Cloud Drive v3.23.2 has a DLL Hijacking vulnerability. This vulnerability stems from the insecure loading of system libraries. Specifically, the application does not validate the path or signature of [regsvr32.exe] it loads. An attacker can place a crafted malicious DLL in the application's startup directory, which will be loaded and executed when the user launches the program.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/QIU-DIE/CVE/issues/5

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-63685

Description

Affected Products

References