CVE-2015-6022

Name of the Vulnerable Software and Affected Versions QNAP Signage Station versions prior to 2.0.1

Description The issue allows remote authenticated users to execute arbitrary code by uploading an executable file and then accessing it via an unspecified URL. This is due to an unrestricted file upload vulnerability.

Recommendations For versions prior to 2.0.1, update to version 2.0.1 or later to resolve the issue. As a temporary workaround, consider restricting file upload capabilities to prevent the execution of arbitrary code.