Path Traversal Vulnerability in File Station by QNAP
CVE-2025-62855

1.3LOW

Key Information:

Vendor: QNAP
Status: File Station 5
Vendor: CVE Published:; 11 February 2026

What is CVE-2025-62855?

A path traversal vulnerability has been identified in File Station 5, allowing a local attacker with administrative privileges to manipulate file paths. This vulnerability enables the unauthorized reading of sensitive files or system data, posing a significant security risk. Affected users should upgrade to version 5.5.6.5190 or later to mitigate this issue.

Affected Version(s)

File Station 5 5.5.x < 5.5.6.5190

References

https://www.qnap.com/en/security-advisory/qsa-26-03

CVSS V4

Score:

1.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 11, 2026
Vulnerability Reserved
Oct 24, 2025

Credit

coral

CVE-2025-62855 Data

JSON