CVE-2015-7262

CWE-183 documents3 sources
Severity
7.5HIGH
EPSS
0.2%
top 58.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Qnap Iartist LiteQnap Signage Station
Timeline
PublishedFeb 27
Latest updateMay 17

Description

QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, allows remote authenticated users to gain privileges by registering an executable file, and then waiting for this file to be run in a privileged context after a reboot.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages2 packages

NVDqnap/iartist_lite1.4.53.1

🔴Vulnerability Details

2
GHSA
GHSA-392g-h3h9-82w8: QNAP iArtist Lite before 12022-05-17
CVEList
CVE-2015-7262: QNAP iArtist Lite before 12016-02-27
CVE-2015-7262 (HIGH CVSS 7.5) | QNAP iArtist Lite before 1.4.54 | cvebase.io