Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from Vendor (qnap) · only source for this CVE.
Description (CVE.org)
An incorrect authorization vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass intended access restrictions.
We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later
Analysis (AI)
Authorization bypass in QNAP File Station 5 (versions 5.5.0 through 5.5.6.5243) allows a remote attacker with a valid low-privileged user account to circumvent intended access restrictions and reach files or operations they should not be able to access. The flaw was reported by QNAP itself with a CVSS 4.0 score of 8.6 reflecting high confidentiality and integrity impact, and there is no public exploit identified at time of analysis. …
Vulnerability Assessment (AI)
| Aspect | Assessment |
| --- | --- |
| Exploitation | Exploitation requires the attacker to already hold a valid authenticated user account on File Station 5 (CVSS PR:L), meaning any account that can log into the NAS web UI - including low-privileged or guest-level users - is sufficient; no admin role and no user interaction from a victim is needed. … |
| Risk Assessment | The CVSS 4.0 vector AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N indicates a network-reachable, low-complexity attack that requires only low-privileged credentials and no user interaction, yielding high confidentiality and integrity impact but no availability impact - consistent with an authorization bypass that exposes other users' files. … |
| Exploit Scenario | An attacker obtains valid low-privileged File Station credentials on a target QNAP NAS - for example through credential stuffing against an internet-reachable NAS, a phished employee account, or abuse of a stale guest account. Authenticated as that user, the attacker sends crafted File Station requests that the application accepts despite the user lacking permission, allowing them to read, copy, or modify files belonging to other users or shares they should not reach. … |
| Remediation | Apply the vendor-released patch: upgrade File Station 5 to version 5.5.6.5243 or later via the QNAP App Center on each affected NAS, per QNAP advisory QSA-26-29 (https://www.qnap.com/en/security-advisory/qsa-26-29). … |
Recommended Action (AI)
24 hours: Identify all QNAP File Station 5 deployments running versions 5.5.0-5.5.6.5243 and apply network-level access restrictions or enhanced monitoring. …
EUVD-2026-35980
GHSA-q4p9-vcgx-vmc3