Cyber Resilience

CVE-2025-57713

Low

Published: 11 February 2026
Modified: 12 February 2026
KEV Added
Patch
CVSS Score v4: 1.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score: 0.0008 (24.4th percentile)
Risk Priority: 3 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-57713 is a low-severity Weak Authentication (CWE-1390) vulnerability in QNAP File Station. Its CVSS base score is 1.3 (Low).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 24.4th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and IA-8 (Identification and Authentication (Non-organizational Users)).

Deeper analysis

CVE-2025-57713 is a weak authentication vulnerability affecting File Station 5, a file management component in QNAP NAS devices. Rated at a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) and mapped to CWE-1390, the flaw enables remote attackers to bypass authentication mechanisms and access sensitive information. The vulnerability was publicly disclosed on February 11, 2026.

Remote, unauthenticated attackers can exploit this vulnerability over the network with low complexity and no user interaction required. Successful exploitation grants access to sensitive data hosted by File Station 5, resulting in high confidentiality impact but no disruption to integrity or availability.

QNAP's security advisory (QSA-26-03) confirms the issue has been addressed in File Station 5 version 5.5.6.5166 and later. Security practitioners should update affected systems immediately to mitigate the risk, as detailed in the advisory at https://www.qnap.com/en/security-advisory/qsa-26-03.

Vulnerability details

A weak authentication vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to gain sensitive information. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5166 and later.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1005 Data from Local System (Collection)
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.

Why these techniques?

The weak authentication bypass in the public-facing File Station directly enables T1190 exploitation for unauthenticated remote access; the resulting sensitive data exposure maps to T1005.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-48864: Same product: QNAP File Station
CVE-2025-47206: Same product: QNAP File Station
CVE-2025-57707: Same product: QNAP File Station
CVE-2025-66277: Same product class: NAS / storage appliance
CVE-2025-59389: Same product class: NAS / storage appliance
CVE-2025-52870: Same product class: NAS / storage appliance
CVE-2025-29894: Same product class: NAS / storage appliance
CVE-2025-52856: Same product class: NAS / storage appliance
CVE-2025-62849: Same product class: NAS / storage appliance
CVE-2025-59384: Same product class: NAS / storage appliance

Affected Assets

qnap
file station
5.5.6.4691 — 5.5.6.5190

Mitigating Controls (NIST 800-53 r5)

prevent

Requires unique identification and authentication for non-organizational users, directly preventing remote attackers from exploiting weak authentication to access sensitive information in File Station.

prevent

Limits and authorizes actions performable without identification or authentication, mitigating unauthorized access to sensitive data via authentication bypass in File Station.

prevent

Mandates timely flaw remediation, such as applying the vendor patch for File Station 5.5.6.5166, to correct the specific weak authentication vulnerability.