CVE-2025-47207 – A NULL pointer dereference vulnerability in QNA... (How to Fix)

Q: What is the severity of CVE-2025-47207?

CVE-2025-47207 has a CVSS score of 6.5 (MEDIUM). A NULL pointer dereference vulnerability in QNAP File Station allows authenticated attackers to cause denial-of-service conditions. This affects users running vulnerable versions of File Station 5. Attackers need valid user credentials to exploit this vulnerability.

📋 TL;DR

A NULL pointer dereference vulnerability in QNAP File Station allows authenticated attackers to cause denial-of-service conditions. This affects users running vulnerable versions of File Station 5. Attackers need valid user credentials to exploit this vulnerability.

💻 Affected Systems

Products:

QNAP File Station 5

Versions: Versions before 5.5.6.5018

Operating Systems: QTS, QuTS hero

Default Config Vulnerable: ⚠️ Yes

Notes: Requires File Station to be enabled and accessible. Attackers need valid user credentials.

📦 What is this software?

File Station by Qnap

View all CVEs affecting File Station →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete service disruption of File Station functionality, potentially affecting file access and management services.

🟠

Likely Case

Temporary service interruption of File Station until system restart or service recovery.

🟢

If Mitigated

Minimal impact with proper access controls and monitoring in place.

🌐 Internet-Facing: MEDIUM - Requires authentication but internet-facing systems are accessible to attackers.

🏢 Internal Only: MEDIUM - Internal attackers with valid credentials can still cause service disruption.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires authenticated access. NULL pointer dereference vulnerabilities are typically straightforward to trigger once the vulnerable code path is identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: File Station 5 5.5.6.5018 and later

Vendor Advisory: https://www.qnap.com/en/security-advisory/qsa-25-38

Restart Required: Yes

Instructions:

1. Log into QNAP NAS admin interface. 2. Go to App Center. 3. Check for updates to File Station. 4. Update to version 5.5.6.5018 or later. 5. Restart the File Station service or the entire NAS if required.

🔧 Temporary Workarounds

Disable File Station

all

Temporarily disable File Station service if not required

Go to Control Panel > Applications > File Station > Disable

Restrict Access

all

Limit File Station access to trusted networks only

Configure firewall rules to restrict access to File Station ports (typically 80/443)

🧯 If You Can't Patch

Implement strict access controls and monitor for suspicious authentication attempts
Isolate vulnerable systems from untrusted networks and implement network segmentation

🔍 How to Verify

Check if Vulnerable:

Check File Station version in QNAP App Center or via SSH: cat /etc/config/uLinux.conf | grep FileStation

Check Version:

cat /etc/config/uLinux.conf | grep 'FileStation.*version'

Verify Fix Applied:

Verify File Station version is 5.5.6.5018 or higher in App Center

📡 Detection & Monitoring

Log Indicators:

Multiple authentication failures followed by File Station service crashes
Unexpected File Station process termination logs

Network Indicators:

Multiple authentication attempts to File Station followed by service unavailability

SIEM Query:

source="qnap_logs" AND (process="FileStation" AND event="crash") OR (auth_failure AND destination_port IN (80,443,8080,8443))

📊 Metadata

CVE ID: CVE-2025-47207

CVSS v3 Score: 6.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-476

EPSS Score: 0.16% exploit probability (36.6th percentile)

Published: November 7, 2025

Last Updated: November 14, 2025

🔗 References

https://www.qnap.com/en/security-advisory/qsa-25-38 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-47207, you might also want to check these: