CVE-2025-53408
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-07
Last updated on: 2025-11-14
Assigner: QNAP Systems, Inc.
Description
Description
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.5018 and later
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| qnap | file_station | From 5.5.6.4691 (inc) to 5.5.6.5018 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a NULL pointer dereference in File Station 5. It can be exploited by a remote attacker who has a user account to cause a denial-of-service (DoS) attack by triggering the vulnerability.
How can this vulnerability impact me? :
If exploited, this vulnerability can cause a denial-of-service (DoS) condition, making the affected File Station 5 service unavailable or unstable.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately upgrade File Station 5 to version 5.5.6.5018 or later, as the vulnerability has been fixed in these versions.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70