NULL Pointer Dereference Vulnerability in QNAP File Station 5
CVE-2025-29901

7.1HIGH

Key Information:

Vendor

QNAP
Status
File Station 5
Vendor
CVE Published:
26 August 2025

What is CVE-2025-29901?

A NULL pointer dereference vulnerability has been identified in QNAP's File Station 5. This issue permits remote attackers who have a user account to exploit the vulnerability and initiate a denial-of-service (DoS) attack. It is crucial for users to update to version 5.5.6.4933 or later to mitigate this risk. Detailed information can be found in the QNAP security advisory.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

File Station 5 5.5.x < 5.5.6.4933

References

https://www.qnap.com/en/security-advisory/qsa-25-31

CVSS V4

Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

coral
JSON
.