CVE-2025-54162 – This path traversal vulnerability in QNAP File ... (How to Fix)

Q: What is the severity of CVE-2025-54162?

CVE-2025-54162 has a CVSS score of 4.9 (MEDIUM). This path traversal vulnerability in QNAP File Station 5 allows authenticated administrators to read arbitrary files on the system. Attackers who compromise administrator credentials can access sensitive system data. Only QNAP NAS devices running vulnerable File Station versions are affected.

📋 TL;DR

This path traversal vulnerability in QNAP File Station 5 allows authenticated administrators to read arbitrary files on the system. Attackers who compromise administrator credentials can access sensitive system data. Only QNAP NAS devices running vulnerable File Station versions are affected.

💻 Affected Systems

Products:

QNAP File Station 5

Versions: Versions before 5.5.6.5068

Operating Systems: QTS (QNAP Turbo NAS Operating System)

Default Config Vulnerable: ⚠️ Yes

Notes: Requires administrator account access to exploit. File Station is typically enabled by default on QNAP NAS devices.

📦 What is this software?

File Station by Qnap

View all CVEs affecting File Station →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise through reading sensitive configuration files, credentials, or system files that enable privilege escalation or lateral movement.

🟠

Likely Case

Data exfiltration of sensitive files, configuration exposure, or credential harvesting from accessible system files.

🟢

If Mitigated

Limited impact if administrator accounts are properly secured with strong credentials and multi-factor authentication.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires administrator credentials but uses simple path traversal techniques once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: File Station 5 5.5.6.5068 and later

Vendor Advisory: https://www.qnap.com/en/security-advisory/qsa-26-03

Restart Required: Yes

Instructions:

1. Log into QNAP NAS web interface as administrator. 2. Go to App Center. 3. Check for updates to File Station. 4. Install version 5.5.6.5068 or later. 5. Restart the NAS if prompted.

🔧 Temporary Workarounds

Disable File Station

all

Temporarily disable File Station service if patching is not immediately possible

Restrict Administrator Access

all

Implement strict access controls for administrator accounts and enable multi-factor authentication

🧯 If You Can't Patch

Disable File Station service entirely through QNAP App Center
Implement network segmentation to isolate QNAP devices from sensitive networks

🔍 How to Verify

Check if Vulnerable:

Check File Station version in QNAP App Center. If version is below 5.5.6.5068, the system is vulnerable.

Check Version:

No CLI command available. Check via QNAP web interface: App Center → Installed Apps → File Station

Verify Fix Applied:

Confirm File Station version is 5.5.6.5068 or higher in App Center after update.

📡 Detection & Monitoring

Log Indicators:

Unusual file access patterns in File Station logs
Multiple failed authentication attempts followed by successful admin login
Access to system directories via File Station

Network Indicators:

Unusual outbound data transfers from QNAP device
Multiple requests to File Station API with path traversal patterns

SIEM Query:

source="qnap" AND (event="file_access" AND path CONTAINS "../") OR (auth_failure AND auth_success AND user="admin")

📊 Metadata

CVE ID: CVE-2025-54162

CVSS v3 Score: 4.9 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-22

EPSS Score: 0.05% exploit probability (14.9th percentile)

Published: February 11, 2026

Last Updated: February 12, 2026

🔗 References

https://www.qnap.com/en/security-advisory/qsa-26-03 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-54162, you might also want to check these: