Qsync Central Uncontrolled Resource Consumption Vulnerability Allowing Denial-of-Service

A vulnerability in Qsync Central versions 5.0.x has been identified, allowing for uncontrolled resource consumption. If a remote attacker with administrator access exploits this vulnerability, it can lead to a denial-of-service condition by causing other systems, applications, or processes to be unable to access the same type of resource. This vulnerability has been addressed in Qsync Central version 5.0.0.4, released on January 20, 2026.

Impact

Exploitation of this vulnerability can cause a denial-of-service condition, disrupting normal resource access for systems, applications, or processes.

Remediation

Users are advised to update Qsync Central to version 5.0.0.4 or later. Instructions for updating Qsync Central are available on the QNAP website.