File Station 5_CVE-2025-29890

7.1 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Description

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.

We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.4907 and later

Basic Information

ID CVE-2025-29890

Source qnap

Published Aug 29, 2025 at 17:14

Affected Product

Vendor QNAP Systems Inc.

Product File Station 5

Version 5.5.x

Affected Versions QNAP Systems Inc. File Station 5 5.5.x

CWE Classification

CWE-770

References

www.qnap.com /en/security-advisory/qsa-25-19

{
    "lastseen": "",
    "description": "An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.\n\nWe have already fixed the vulnerability in the following version:\nFile Station 5 5.5.6.4907 and later",
    "published": "2025-08-29T17:14:52.094Z",
    "modified": "2025-08-29T17:14:52.094Z",
    "type": "cve",
    "title": "File Station 5",
    "source": "qnap",
    "references": "https://www.qnap.com/en/security-advisory/qsa-25-19",
    "id": "CVE-2025-29890",
    "bulletinFamily": "",
    "cwe": [
        "CWE-770"
    ],
    "cvelist": null,
    "sourceData": "QNAP Systems Inc. File Station 5 5.5.x",
    "sourceHref": "",
    "cvss": {
        "score": 7.1,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "File Station 5",
    "version": "5.5.x",
    "vendor": "QNAP Systems Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}