CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-29899

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.0%

CVSS Severity

CVSS v3 Score 6.5

References

https://www.qnap.com/en/security-advisory/qsa-25-19

Products affected by CVE-2025-29899

Qnap » File Station » Version: 5.5.6.4691

cpe:2.3:a:qnap:file_station:5.5.6.4691
Qnap » File Station » Version: 5.5.6.4715

cpe:2.3:a:qnap:file_station:5.5.6.4715
Qnap » File Station » Version: 5.5.6.4741

cpe:2.3:a:qnap:file_station:5.5.6.4741
Qnap » File Station » Version: 5.5.6.4783

cpe:2.3:a:qnap:file_station:5.5.6.4783
Qnap » File Station » Version: 5.5.6.4791

cpe:2.3:a:qnap:file_station:5.5.6.4791
Qnap » File Station » Version: 5.5.6.4847

cpe:2.3:a:qnap:file_station:5.5.6.4847

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-29899

Products

Pricing

Contact Us