Skip to main content

File Station CVE-2026-22894

MEDIUM
Path Traversal (CWE-22)
2026-02-11 security@qnapsecurity.com.tw
Path Traversal File Station
6.5
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 22:02 vuln.today
CVE Published
Feb 11, 2026 - 13:15 nvd
MEDIUM 6.5

DescriptionNVD

A path traversal vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data.

We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5190 and later

AnalysisAI

File Station 6 contains a path traversal vulnerability that allows authenticated attackers to read arbitrary files and system data on affected systems. An attacker with valid user credentials can exploit this flaw to access sensitive information beyond intended restrictions. …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Review file handling controls.

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-22894 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy