Page 13 of 68 results (0.015 seconds)

CVSS: 9.8EPSS: 1%CPEs: 25EXPL: 0

This improper link resolution vulnerability allows remote attackers to access system files. To fix this vulnerability, QNAP recommend updating QTS to their latest versions. Esta vulnerabilidad de resolución de enlace inapropiada, permite a atacantes remotos acceder a los archivos de sistema. Para corregir esta vulnerabilidad, QNAP recomienda actualizar QTS a sus últimas versiones. • https://www.qnap.com/zh-tw/security-advisory/nas-201911-27 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 9.8EPSS: 97%CPEs: 8EXPL: 1

This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions. Esta vulnerabilidad de control externo del nombre de archivo o de ruta permite a atacantes remotos acceder o modificar archivos del sistema. Para corregir la vulnerabilidad, QNAP recomienda actualizar Photo Station a sus últimas versiones. QNAP QTS and Photo Station version 6.0.3 suffers from a remote command execution vulnerability. • http://packetstormsecurity.com/files/157857/QNAP-QTS-And-Photo-Station-6.0.3-Remote-Command-Execution.html https://www.qnap.com/zh-tw/security-advisory/nas-201911-25 https://infosecwriteups.com/qnap-pre-auth-root-rce-affecting-450k-devices-on-the-internet-d55488d28a05 https://www.qnap.com/en-us/security-advisory/nas-201911-25 https://github.com/Imanfeng/QNAP-NAS-RCE • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.8EPSS: 97%CPEs: 8EXPL: 1

This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions. Esta vulnerabilidad de control externo del nombre de archivo o de ruta permite a atacantes remotos acceder o modificar archivos del sistema. Para corregir la vulnerabilidad, QNAP recomienda actualizar Photo Station a sus últimas versiones. QNAP QTS and Photo Station version 6.0.3 suffers from a remote command execution vulnerability. • http://packetstormsecurity.com/files/157857/QNAP-QTS-And-Photo-Station-6.0.3-Remote-Command-Execution.html https://www.qnap.com/zh-tw/security-advisory/nas-201911-25 https://infosecwriteups.com/qnap-pre-auth-root-rce-affecting-450k-devices-on-the-internet-d55488d28a05 https://www.qnap.com/en-us/security-advisory/nas-201911-25 https://github.com/Imanfeng/QNAP-NAS-RCE • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 10.0EPSS: 95%CPEs: 16EXPL: 1

This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. To fix the vulnerability, QNAP recommend updating QTS to their latest versions. Esta vulnerabilidad de comprobación de entrada inapropiada permite a atacantes remotos inyectar código arbitrario al sistema. Para corregir la vulnerabilidad, QNAP recomienda actualizar QTS a sus últimas versiones. QNAP QTS and Photo Station version 6.0.3 suffers from a remote command execution vulnerability. • http://packetstormsecurity.com/files/157857/QNAP-QTS-And-Photo-Station-6.0.3-Remote-Command-Execution.html https://www.qnap.com/zh-tw/security-advisory/nas-201911-25 • CWE-20: Improper Input Validation •

CVSS: 9.8EPSS: 96%CPEs: 8EXPL: 1

This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. To fix these vulnerabilities, QNAP recommend updating Photo Station to their latest versions. Esta vulnerabilidad de control de acceso inapropiada permite a atacantes remotos conseguir acceso no autorizado al sistema. Para corregir estas vulnerabilidades, QNAP recomienda actualizar Photo Station a sus últimas versiones. QNAP QTS and Photo Station version 6.0.3 suffers from a remote command execution vulnerability. • http://packetstormsecurity.com/files/157857/QNAP-QTS-And-Photo-Station-6.0.3-Remote-Command-Execution.html https://www.qnap.com/zh-tw/security-advisory/nas-201911-25 https://infosecwriteups.com/qnap-pre-auth-root-rce-affecting-450k-devices-on-the-internet-d55488d28a05 https://www.qnap.com/en-us/security-advisory/nas-201911-25 https://github.com/Imanfeng/QNAP-NAS-RCE • CWE-863: Incorrect Authorization •