Out-of-Bounds Read Vulnerability in File Station by QNAP
CVE-2025-29871

2.4LOW

Key Information:

Vendor

QNAP
Status
File Station 5
Vendor
CVE Published:
6 June 2025

What is CVE-2025-29871?

An out-of-bounds read vulnerability exists in File Station 5, potentially allowing local attackers with administrator accounts to access sensitive information. This security flaw enables unauthorized data exposure, posing a significant risk to user privacy and system integrity. Users are encouraged to update to File Station 5 version 5.5.6.4847 or later to mitigate this vulnerability.

Affected Version(s)

File Station 5 5.5.x < 5.5.6.4847

References

https://www.qnap.com/en/security-advisory/qsa-25-16

CVSS V4

Score:
2.4
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

coral
.
CVE-2025-29871 : Out-of-Bounds Read Vulnerability in File Station by QNAP