- Description
- An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system. We have already fixed the vulnerability in the following versions: File Station 5 5.5.6.4791 and later and later
- Source
- security@qnapsecurity.com.tw
- NVD status
- Analyzed
CVSS 4.0
- Type
- Secondary
- Base score
- 8.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- security@qnapsecurity.com.tw
- CWE-295
- Hype score
- Not currently trending
“QNAP Qsync Central” və “File Station 5"də boşluqlar (CVE-2025-29892, CVE-2025-22482, CVE-2025-22486, CVE-2025-29883, CVE-2025-29884, CVE-2025-29885) aşkar olunub #ETX #certaz #cybersecurity #kibertəhlükəsizlik #xəbərdarlıq https://t.co/CjR37itri9
@CERTAzerbaijan
12 Jun 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-29884: HIGH] Critical cyber security update: Vulnerability in File Station 5 fixed in versions 5.5.6.4791+. Attackers could compromise system security. Update now!#cve,CVE-2025-29884,#cybersecurity https://t.co/jGLjozQlWS https://t.co/YKztzT6J8Z
@CveFindCom
6 Jun 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qnap:file_station:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C8F7109-4680-420D-A8AC-3D41C4263B93",
"versionEndExcluding": "5.5.6.4791",
"versionStartIncluding": "5.5.6.4691"
}
],
"operator": "OR"
}
]
}
]