CVE-2024-50404

HIGH

Qsync Central 4.4.0-4.4.0.15 - Authenticated Path Traversal via Symbolic Link

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-50404. PoCs published by C411e.

AI-analyzed exploit summary This PoC exploits a symlink traversal vulnerability in Qsync Central, allowing authenticated users to read arbitrary files (e.g., /etc/shadow) and modify their permissions via ZIP upload and extraction. The exploit chain involves uploading a symlink, extracting it, and abusing the set_privilege function to escalate impact.

Description

A link following vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations. We have already fixed the vulnerability in the following versions: Qsync Central 4.4.0.16_20240819 ( 2024/08/19 ) and later

Exploits (1)

nomisec WORKING POC 1 stars
by C411e · poc
https://github.com/C411e/CVE-2024-50404

This PoC exploits a symlink traversal vulnerability in Qsync Central, allowing authenticated users to read arbitrary files (e.g., /etc/shadow) and modify their permissions via ZIP upload and extraction. The exploit chain involves uploading a symlink, extracting it, and abusing the set_privilege function to escalate impact.

Classification
Working Poc 100%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: Qsync Central 4.4.x
Auth required
Prerequisites: Valid user credentials with file upload permissions · Network access to the Qsync Central interface
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 8.8
EPSS 0.0137
EPSS Percentile 68.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-59
Status published
Products (1)
qnap/qsync_central 4.4.0 - 4.4.0.16
Published Dec 06, 2024
Tracked Since Feb 18, 2026