CVE-2019-7194

Name of the Vulnerable Software and Affected Versions QNAP Photo Station (affected versions not specified)

Description This issue allows remote attackers to access or modify system files due to external control of file name or path. It is related to incorrect limitation of the directory path name with limited access. Exploitation may allow a remote attacker to compromise data integrity.

Recommendations To fix the vulnerability, update Photo Station to the latest version. As a temporary workaround, consider restricting access to sensitive system files until the update is applied. Avoid using the vulnerable Photo Station version until it is updated to the latest version.