Path traversal in QNAP Systems, Inc. products - CVE-2025-53594
Published: January 5, 2026
Vulnerability identifier: #VU120950
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-53594
CWE-ID: CWE-22
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: QNAP Systems, Inc.
Affected software:
Qfinder Pro for Mac
Qsync Client for Mac
QVPN Device Client for Mac
Detailed vulnerability description
The vulnerability allows a local user to perform directory traversal attacks.
The vulnerability exists due to an input validation error when processing directory traversal sequences. A local user can send a specially crafted HTTP request and read arbitrary files on the system.
How to mitigate CVE-2025-53594
Install updates from the vendor's website.