CVE-2026-24724: File Station 5
Published Jun 10, 2026
·Updated
An incorrect authorization vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass intended access restrictions. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later
Affected Software
2 affected components
Synology File Station 6
Synology File Station 5<5.5.6.5243
Remediation
Information
We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.5243 and later
Event History
Jun 10, 2026
CVE Published
via MITRE·03:15 AM
Data Sourced
via MITRE·03:15 AM
RemedyDescriptionWeakness
Data Sourced
via NVD·04:17 AM
DescriptionSeverityWeakness
Frequently Asked Questions
1
What is the severity of CVE-2026-24724?
CVE-2026-24724 has a severity rating of high with a CVSS score of 8.6.
2
How do I fix CVE-2026-24724?
To fix CVE-2026-24724, upgrade to File Station 5 version 5.5.6.5243 or later.
3
What software is affected by CVE-2026-24724?
CVE-2026-24724 affects Synology File Station 6 and Synology File Station 5.
4
What type of vulnerability is CVE-2026-24724?
CVE-2026-24724 is an incorrect authorization vulnerability.
5
What can happen if CVE-2026-24724 is exploited?
If exploited, a remote attacker with a user account can bypass intended access restrictions.