CVE-2018-0722 — Path Traversal in Qnap Photo Station

CWE-22 — Path Traversal5 documents4 sources

Severity

7.5HIGHNVD

EPSS

0.4%

top 41.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qnap Photo Station

Timeline

PublishedFeb 1

Latest updateMay 14

Description

Path Traversal vulnerability in Photo Station versions: 5.7.2 and earlier in QTS 4.3.4, 5.4.4 and earlier in QTS 4.3.3, 5.2.8 and earlier in QTS 4.2.6 could allow remote attackers to access sensitive information on the device.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶NVDqnap/photo_station5.7.0 — 5.7.2+2

▶CVEListV5qnap/photo_stationPhoto Station versions: 5.7.2 and earlier in QTS 4.3.4, 5.4.4 and earlier in QTS 4.3.3, 5.2.8 and earlier in QTS 4.2.6

🔴Vulnerability Details

GHSA

GHSA-r7gm-6ww8-qrxr: Path Traversal vulnerability in Photo Station versions: 5↗2022-05-14

▶

CVEList

CVE-2018-0722: Path Traversal vulnerability in Photo Station versions: 5↗2019-02-01

▶