Lucene search
K

11 matches found

Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.310 views

QNAP QTS and Photo Station Local File Inclusion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'QNAP QTS and Photo Station Local File Inclusion', 'Description' = %q This module exploits a local file inclusion in QNAP QTS and Photo Station th...

9.8CVSS7AI score0.89681EPSS
Exploits11
Check Point Advisories
Check Point Advisories
added 2020/11/21 12:0 a.m.44 views

QNAP Photo Station Remote Code Execution (CVE-2019-7192; CVE-2019-7193; CVE-2019-7194; CVE-2019-7195)

A remote code execution vulnerability exists in QNAP NAS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.6AI score0.89681EPSS
Exploits12
0daydb
0daydb
added 2020/05/30 2:56 p.m.553 views

QNAP QTS And Photo Station 6.0.3 - Remote Command Execution

QNAP QTS and Photo Station version 6.0.3 suffers from a remote command execution vulnerability. Exploit Title: QNAP QTS and Photo Station 6.0.3 - Remote Command Execution Exploit Author: Yunus YILDIRIM Th3Gundy Team: CT-Zer0 @CRYPTTECH - https://www.crypttech.com Date: 2020-05-28 Vendor Homepage:...

10CVSS0.8AI score0.89681EPSS
Exploits24
Metasploit
Metasploit
added 2020/05/28 7:11 p.m.59 views

QNAP QTS and Photo Station Local File Inclusion

This module exploits a local file inclusion in QNAP QTS and Photo Station that allows an unauthenticated attacker to download files from the QNAP filesystem. Because the HTTP server runs as root, it is possible to access sensitive files, such as SSH private keys and password hashes. This module h...

9.8CVSS0.2AI score0.89681EPSS
Exploits11
Exploit DB
Exploit DB
added 2020/05/28 12:0 a.m.424 views

QNAP QTS and Photo Station 6.0.3 - Remote Command Execution

Exploit Title: QNAP QTS and Photo Station 6.0.3 - Remote Command Execution Exploit Author: Yunus YILDIRIM Th3Gundy Team: CT-Zer0 @CRYPTTECH - https://www.crypttech.com Date: 2020-05-28 Vendor Homepage: https://www.qnap.com Version: QTS 4.4.1 | Photo Station 6.0.3 CVE: CVE-2019-7192, CVE-2019-7193...

10CVSS9.6AI score0.89681EPSS
Exploits12
Packet Storm
Packet Storm
added 2020/05/28 12:0 a.m.517 views

QNAP QTS And Photo Station 6.0.3 Remote Command Execution

Exploit Title: QNAP QTS and Photo Station 6.0.3 - Remote Command Execution Exploit Author: Yunus YILDIRIM Th3Gundy Team: CT-Zer0 @CRYPTTECH - https://www.crypttech.com Date: 2020-05-28 Vendor Homepage: https://www.qnap.com Version: QTS 4.4.1 | Photo Station 6.0.3 CVE: CVE-2019-7192, CVE-2019-7193...

10CVSS0.5AI score0.89681EPSS
Exploits12
Circl
Circl
added 2020/05/20 2:15 p.m.9 views

CVE-2019-7194

creationtimestamp| type| source ---|---|--- 2020-05-20 14:15:03+00:00| exploited| https://t.me/SecLabNews/7629 2020-06-10 20:45:57+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/qnaplfi.rb 2022-06-13 13:27:03+00:00| seen|...

9.8CVSS7.3AI score0.82966EPSS
Exploits8References10
NVD
NVD
added 2019/12/05 5:15 p.m.19 views

CVE-2019-7194

This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions...

9.8CVSS9.5AI score0.82966EPSS
Exploits8References3
Vulnrichment
Vulnrichment
added 2019/12/05 4:30 p.m.9 views

CVE-2019-7194

This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions...

9.5AI score0.82966EPSS
Exploits8References2
CVE
CVE
added 2019/12/05 4:30 p.m.1080 views

CVE-2019-7194

CVE-2019-7194 is a QNAP Photo Station path-traversal vulnerability (external control of file name/path) that allows remote access to or modification of files. Affected: QNAP Photo Station (versions 5.2.11, 5.4.9, 5.7.10, and 6.0.3 or earlier). Impact per sources: remote access/modification of sys...

9.8CVSS9.3AI score0.82966EPSS
In wildExploits8References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2019/12/05 12:0 a.m.33 views

CVE-2019-7194

This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker...

9.8CVSS5.7AI score0.82966EPSS
In wildExploits8References3
Rows per page
Query Builder