Resource Throttling Vulnerability in QNAP File Station
CVE-2026-24720

1.3LOW

Key Information:

Vendor

QNAP

Vendor
CVE Published:
10 June 2026

What is CVE-2026-24720?

A vulnerability has been identified in QNAP's File Station that allows a remote attacker with user account privileges to exploit resource management protocols. This exploitation can lead to a denial of access for other systems and applications attempting to use the same resources, potentially leading to service disruption. The issue arises from inadequate limits or throttling on resource allocation. QNAP has addressed this vulnerability in versions 5.5.6.5243 and later of File Station 5.

Affected Version(s)

File Station 5 5.5.0 < 5.5.6.5243

References

CVSS V4

Score:
1.3
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

coral
.