CVE-2026-24724
HIGH WAF: Low
CVSS 8.1
Published: 2026-06-10
CWE-863
An incorrect authorization vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass intended access restrictions. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later
WAF Coverage Analysis
Incorrect Authorization
Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Affected Software
| Vendor | Product | Version |
|---|---|---|
| qnap | file_station | 5.5.6.4691 - 5.5.6.5243 |
References
- www.qnap.com (Broken Link)