以下是关于该漏洞的关键信息: Security ID: QSA-25-41 Title: Vulnerability in Qsync Central Release date: November 8, 2025 CVE identifier: CVE-2025-57712 Affected products: Qsync Central 5.0.x - Severity: Important - Status: Resolved Summary: A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains access to a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. The vulnerability was fixed in Qsync Central 5.0.0.3 (2025/08/28) and later. Recommendation: To fix the vulnerability, update Qsync Central to the latest version. Acknowledgements: coral Revision History: V1.0 (November 8, 2025) - Published