Vulnerability Database

315,363

Total vulnerabilities in the database

CVE-2025-63685

Quark Cloud Drive v3.23.2 has a DLL Hijacking vulnerability. This vulnerability stems from the insecure loading of system libraries. Specifically, the application does not validate the path or signature of [regsvr32.exe] it loads. An attacker can place a crafted malicious DLL in the application's startup directory, which will be loaded and executed when the user launches the program.

Published: Nov 20, 2025
Updated: Dec 17, 2025
CVE: CVE-2025-63685
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-491

Affected Software
References

Software	From	Fixed in
quark / quark_cloud_drive	3.23.2	3.23.2.x

https://github.com/QIU-DIE/CVE/issues/5

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo