CVE-2019-7195

Name of the Vulnerable Software and Affected Versions QNAP Photo Station (affected versions not specified)

Description The issue allows remote attackers to access or modify system files due to an external control of file name or path vulnerability. This vulnerability is related to incorrect limitation of the directory path name with limited access. Exploitation of the vulnerability may allow a remote attacker to compromise data integrity.

Recommendations To fix the vulnerability, update Photo Station to the latest version. As a temporary workaround, consider restricting access to sensitive system files until a patch is available. Avoid using the vulnerable Photo Station application until the issue is resolved.