CVE-2015-7262
First published: Sat Feb 27 2016(Updated: )
QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, allows remote authenticated users to gain privileges by registering an executable file, and then waiting for this file to be run in a privileged context after a reboot.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| QNAP iArtist Lite | <=1.4.53.1 | |
| QNAP Signage Station | <=2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-7262?
CVE-2015-7262 has a medium severity rating due to the potential for privilege escalation by remote authenticated users.
How do I fix CVE-2015-7262?
To fix CVE-2015-7262, upgrade QNAP iArtist Lite to version 1.4.54 or later and QNAP Signage Station to version 2.0.1 or later.
Who is affected by CVE-2015-7262?
CVE-2015-7262 affects users of QNAP iArtist Lite versions earlier than 1.4.54 and QNAP Signage Station versions earlier than 2.0.1.
What kind of attacks does CVE-2015-7262 allow?
CVE-2015-7262 allows remote authenticated users to gain elevated privileges by registering malicious executable files.
When was CVE-2015-7262 discovered?
CVE-2015-7262 was disclosed in 2015, highlighting vulnerabilities in specific versions of QNAP software.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/references
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/first-publish-date
- agent/tags
- agent/event
- agent/description
- agent/source
- vendor/qnap
- canonical/qnap iartist lite
- version/qnap iartist lite/1.4.53.1
- canonical/qnap signage station
- version/qnap signage station/2.0