Vulnerabilities > CVE-2015-6022 - Unspecified vulnerability in Qnap Signage Station 2.0

CVSS 9.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

qnap

critical

NVD

Published: 2016-02-27

Updated: 2016-03-08

Summary

Unrestricted file upload vulnerability in QNAP Signage Station before 2.0.1 allows remote authenticated users to execute arbitrary code by uploading an executable file, and then accessing this file via an unspecified URL. <a href="http://cwe.mitre.org/data/definitions/434.html">CWE-434: Unrestricted Upload of File with Dangerous Type</a>

Vulnerable Configurations

Part	Description	Count
Application	Qnap Qnap Signage Station 2.0	1

References

http://www.kb.cert.org/vuls/id/444472