Security ID : QSA-25-19
Multiple Vulnerabilities in File Station 5
Release date : August 29, 2025
CVE identifier : CVE-2025-29874 | CVE-2025-29875 | CVE-2025-29878 | CVE-2025-29879 | CVE-2025-29886 | CVE-2025-29888 | CVE-2025-29889 | CVE-2025-29890 | CVE-2025-29899 | CVE-2025-29900
Affected products: File Station 5 version 5.5.x
Severity
Moderate
Status
Resolved
Summary
Multiple vulnerabilities have been reported to affect File Station 5:
- CVE-2025-29874, CVE-2025-29875, CVE-2025-29878, CVE-2025-29879, CVE-2025-29886, CVE-2025-29888, CVE-2025-29889
If a remote attacker gains access to a user account, they can then exploit the NULL pointer dereference vulnerabilities to launch a denial-of-service (DoS) attack. - CVE-2025-29890, CVE-2025-29899, CVE-2025-29900
If a remote attacker gains access to a user account, they can then exploit the allocation of resources without limits or throttling vulnerabilities to prevent other systems, applications, or processes from accessing the same type of resource.
We have already fixed the vulnerabilities in the following version:
| Affected Product | Fixed Version |
| File Station 5 version 5.5.x | File Station 5 version 5.5.6.4907 and later |
Recommendation
To fix the vulnerabilities, we recommend updating File Station 5 to the latest version.
Updating File Station 5
- Log on to QTS or QuTS hero as an administrator.
- Open App Center and then click
.
A search box appears. - Type "File Station 5" and then press ENTER.
File Station 5 appears in the search results. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your File Station 5 is already up to date. - Click OK.
The system updates the application.
Attachment
- CVE-2025-29874.json
- CVE-2025-29878.json
- CVE-2025-29879.json
- CVE-2025-29886.json
- CVE-2025-29888.json
- CVE-2025-29889.json
- CVE-2025-29890.json
- CVE-2025-29899.json
- CVE-2025-29900.json
- CVE-2025-29875.json
Acknowledgements: coral
Revision History:
V1.0 (August 29, 2025) - Published
