Multiple Vulnerabilities in File Station 5

Summary

Multiple vulnerabilities have been reported to affect File Station 5:

• CVE-2025-22484, CVE-2025-29872: Allocation of resources without limits or throttling vulnerabilities
  If a remote attacker gains access to a user account, they can then exploit the vulnerabilities to prevent other systems, applications, or processes from accessing the same type of resource.
• CVE-2025-22490, CVE-2025-29873, CVE-2025-29876, CVE-2025-29877: NULL pointer dereference vulnerabilities
  If a remote attacker gains access to a user account, they can then exploit the vulnerabilities to launch a denial-of-service (DoS) attack.
• CVE-2025-29871: Out-of-bounds read vulnerability
  If a local attacker gains access to an administrator account, they can then exploit the vulnerability to obtain secret data.
• CVE-2025-33035: Path traversal vulnerability
  If a remote attacker gains access to a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data.
• CVE-2025-30279, CVE-2025-33031: Improper certificate validation vulnerabilities
  If a remote attacker gains access to a user account, they can then exploit the vulnerabilities to compromise the security of the system.

We have already fixed the vulnerabilities in the following version:

Recommendation

To fix the vulnerabilities, we recommend updating File Station 5 to the latest version.

Updating File Station 5

1. Log on to QTS or QuTS hero as an administrator.
2. Open App Center and then click .
   A search box appears.
3. Type "File Station 5" and then press ENTER.
   File Station 5 appears in the search results.
4. Click Update.
   A confirmation message appears.
   Note: The Update button is not available if your File Station 5 is already up to date.
5. Click OK.
   The system updates the application.