CVE-2019-7192: QNAP Photo Station Improper Access Control Vulnerability
First published: Thu Dec 05 2019(Updated: )
This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. To fix these vulnerabilities, QNAP recommend updating Photo Station to their latest versions.
Credit: security@qnapsecurity.com.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| QNAP Photo Station | <6.0.3 | |
| QNAP QTS | =4.4.1 | |
| QNAP Photo Station | <5.7.10 | |
| QNAP QTS | >=4.3.4<=4.4.0 | |
| QNAP Photo Station | <5.4.9 | |
| QNAP QTS | >=4.3.0<=4.3.3 | |
| QNAP Photo Station | <5.2.11 | |
| QNAP QTS | =4.2.6 | |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-7192?
CVE-2019-7192 is an improper access control vulnerability in QNAP Photo Station.
How can remote attackers exploit CVE-2019-7192?
Remote attackers can exploit CVE-2019-7192 to gain unauthorized access to the system.
What is the severity of CVE-2019-7192?
CVE-2019-7192 has a severity rating of 9.8 (Critical).
What software is affected by CVE-2019-7192?
QNAP Photo Station versions up to and including 6.0.3 are affected by CVE-2019-7192.
How can I fix CVE-2019-7192?
To fix CVE-2019-7192, QNAP recommends updating Photo Station to the latest versions.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- agent/weakness
- exploited/true
- ransomware/true
- collector/cisa-known-exploited
- source/CISA
- agent/software-canonical-lookup
- collector/nvd-index
- vendor/qnap
- canonical/qnap photo station
- canonical/qnap qts
- version/qnap qts/4.4.1
- version/qnap qts/4.3.4
- version/qnap qts/4.4.0
- version/qnap qts/4.3.0
- version/qnap qts/4.3.3
- version/qnap qts/4.2.6