CVE-2024-48864 — Files or Directories Accessible to External Parties in Systems INC File Station 5

CWE-552 — Files or Directories Accessible to External Parties3 documents3 sources

Severity

5.3MEDIUMNVD

EPSS

0.4%

top 41.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qnap Systems INC File Station 5 Qnap File Station

Timeline

PublishedMar 7

Description

A files or directories accessible to external parties vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers to read/write files or directories. We have already fixed the vulnerability in the following versions: File Station 5 5.5.6.4741 and later

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Affected Packages2 packages

▶NVDqnap/file_station5.5.6.4691 — 5.5.6.4741

▶CVEListV5qnap_systems_inc/file_station_55.5.x — 5.5.6.4741

🔴Vulnerability Details

GHSA

GHSA-h877-4279-qcfv: A files or directories accessible to external parties vulnerability has been reported to affect File Station 5↗2025-03-07

▶

CVEList

File Station 5↗2025-03-07

▶