Multiple Vulnerabilities in File Station 5

Summary

Multiple vulnerabilities have been reported to affect File Station 5:

• CVE-2025-53410: Allocation of resources without limits or throttling vulnerability
  If a remote attacker gains access to a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.
• CVE-2025-53409, CVE-2025-53411, CVE-2025-53413: Allocation of resources without limits or throttling vulnerabilities
  If a remote attacker gains access to an administrator account, they can then exploit the vulnerabilities to prevent other systems, applications, or processes from accessing the same type of resource.
• CVE-2025-47207, CVE-2025-52865, CVE-2025-53408, CVE-2025-53412: NULL pointer dereference vulnerabilities
  If a remote attacker gains access to a user account, they can then exploit the vulnerabilities to launch a denial-of-service (DoS) attack.
• CVE-2025-57706: Cross-site scripting (XSS) vulnerability
  If a remote attacker gains access to a user account, they can then exploit the vulnerability to bypass security mechanisms or read application data.

We have already fixed the vulnerabilities in the following version:

Recommendation

To fix the vulnerabilities, we recommend updating File Station 5 to the latest version.

Updating File Station 5

1. Log on to QTS or QuTS hero as an administrator.
2. Open App Center and then click .
   A search box appears.
3. Type "File Station 5" and then press ENTER.
   File Station 5 appears in the search results.
4. Click Update.
   A confirmation message appears.
   Note: The Update button is not available if your File Station 5 is already up to date.
5. Click OK.
   The system updates the application.