Qnap Systems Inc File Station 5 vulnerabilities
49 known vulnerabilities affecting qnap_systems_inc/file_station_5.
Total CVEs
49
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH15MEDIUM18LOW16
Vulnerabilities
Page 3 of 3
CVE-2025-22486HIGHCVSS 7.1≥ 5.5.x, < 5.5.6.47912025-06-06
CVE-2025-22486 [HIGH] CWE-295 CVE-2025-22486: An improper certificate validation vulnerability has been reported to affect File Station 5. If expl
An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system.
We have already fixed the vulnerability in the following versions:
File Station 5 5.5.6.4791 and later
and later
cvelistv5nvd
CVE-2025-29872HIGHCVSS 7.1≥ 5.5.x, < 5.5.6.48472025-06-06
CVE-2025-29872 [HIGH] CWE-770 CVE-2025-29872: An allocation of resources without limits or throttling vulnerability has been reported to affect Fi
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.
We have already fixed the vulnerability in the following ver
cvelistv5nvd
CVE-2025-33035HIGHCVSS 7.2≥ 5.5.x, < 5.5.6.48472025-06-06
CVE-2025-33035 [HIGH] CWE-22 CVE-2025-33035: A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gai
A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data.
We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.4847 and later
cvelistv5nvd
CVE-2025-29877MEDIUMCVSS 5.3≥ 5.5.x, < 5.5.6.48472025-06-06
CVE-2025-29877 [MEDIUM] CWE-476 CVE-2025-29877: A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote at
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.4847 and later
cvelistv5nvd
CVE-2025-22490MEDIUMCVSS 5.3≥ 5.5.x, < 5.5.6.48472025-06-06
CVE-2025-22490 [MEDIUM] CWE-476 CVE-2025-22490: A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote at
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.4847 and later
cvelistv5nvd
CVE-2025-29876MEDIUMCVSS 5.3≥ 5.5.x, < 5.5.6.48472025-06-06
CVE-2025-29876 [MEDIUM] CWE-476 CVE-2025-29876: A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote at
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.4847 and later
cvelistv5nvd
CVE-2025-29873MEDIUMCVSS 5.3≥ 5.5.x, < 5.5.6.48472025-06-06
CVE-2025-29873 [MEDIUM] CWE-476 CVE-2025-29873: A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote at
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.4847 and later
cvelistv5nvd
CVE-2025-29871LOWCVSS 2.4≥ 5.5.x, < 5.5.6.48472025-06-06
CVE-2025-29871 [LOW] CWE-125 CVE-2025-29871: An out-of-bounds read vulnerability has been reported to affect File Station 5. If a local attacker
An out-of-bounds read vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data.
We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.4847 and later
cvelistv5nvd
CVE-2024-48864MEDIUMCVSS 5.3≥ 5.5.x, < 5.5.6.47412025-03-07
CVE-2024-48864 [MEDIUM] CWE-552 CVE-2024-48864: A files or directories accessible to external parties vulnerability has been reported to affect File
A files or directories accessible to external parties vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers to read/write files or directories.
We have already fixed the vulnerability in the following versions:
File Station 5 5.5.6.4741 and later
cvelistv5nvd
← Previous3 / 3