HIGH🇵🇱 Wersja polska

CVE-2015-6022

CVSS 8.8v3.0pub. 2016-02-27upd. 2026-05-06

Unrestricted file upload vulnerability in QNAP Signage Station before 2.0.1 allows remote authenticated users to execute arbitrary code by uploading an executable file, and then accessing this file via an unspecified URL.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Qnap Signage Station

    APP
    Qnap
    ≤ 2.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2015-7261CRITICAL9.8ten sam produkt

The FTP service in QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, has...

CVE-2015-7262HIGH7.5ten sam produkt

QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, allows remote authenti...

CVE-2022-27593CRITICAL10.0⚠ KEVten sam vendor

An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Ph...

CVE-2021-28799CRITICAL10.0⚠ KEVten sam vendor

An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync...

CVE-2020-2509CRITICAL9.8⚠ KEVten sam vendor

A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerabil...