CVE-2025-29873

Severity CVSS v4.0:
MEDIUM
Type:
CWE-476 NULL Pointer Dereference
Publication date:
06/06/2025
Last modified:
18/06/2025

Description

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.<br /> <br /> We have already fixed the vulnerability in the following version:<br /> File Station 5 5.5.6.4847 and later

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:qnap:file_station:*:*:*:*:*:*:*:* 5.5.6.4691 (including) 5.5.6.4847 (excluding)


References to Advisories, Solutions, and Tools