QNAP Download Station
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in QNAP Download Station.
By the Year
In 2026 there have been 0 vulnerabilities in QNAP Download Station. Last year, in 2025 Download Station had 2 security vulnerabilities published. Right now, Download Station is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 2 | 0.00 |
| 2024 | 1 | 5.40 |
It may take a day or so for new Download Station vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent QNAP Download Station Security Vulnerabilities
Path Traversal in Synology Download Station 5.10.0.304+
CVE-2025-58463
- November 07, 2025
A relative path traversal vulnerability has been reported to affect Download Station. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: Download Station 5.10.0.305 ( 2025/09/16 ) and later Download Station 5.10.0.304 ( 2025/09/08 ) and later
Relative Path Traversal
XSS in Download Station v<5.10.0.304> - remote account bypass
CVE-2025-58465
- November 07, 2025
A cross-site scripting (XSS) vulnerability has been reported to affect Download Station. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following versions: Download Station 5.10.0.305 ( 2025/09/16 ) and later Download Station 5.10.0.304 ( 2025/09/08 ) and later
XSS
Download Station 5.8.x XSS Enables Authenticated Network Code Injection
CVE-2024-38640
5.4 - Medium
- September 06, 2024
A cross-site scripting (XSS) vulnerability has been reported to affect Download Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Download Station 5.8.6.283 ( 2024/06/21 ) and later
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for QNAP Download Station or by QNAP? Click the Watch button to subscribe.
