The FTP service in QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, has hardcoded credentials, which makes it easier for remote attackers to obtain access via a session on TCP port 21.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HQnap Iartist Lite
APPQnapβ€ 1.4.53.1Qnap Signage Station
APPQnapβ€ 2.0
Related vulnerabilities
Unrestricted file upload vulnerability in QNAP Signage Station before 2.0.1 allows remote authenticated users ...
QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, allows remote authenti...
An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Ph...
An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync...
A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerabil...