CVE-2022-27593

DeadBolt Ransomware

CVSS 10 CRITICALEPSS 87.9%● KEVCWE-610

In short

A vulnerability in QNAP NAS Photo Station allows attackers to modify system files by exploiting an improperly controlled file reference, potentially leading to complete system compromise through ransomware deployment.

Technical detail

CWE-610 path traversal/external entity reference vulnerability in Photo Station enables unauthenticated or low-privileged attackers to manipulate system files by crafting malicious requests that bypass access controls; successful exploitation results in arbitrary file modification and ransomware installation on affected QNAP devices across multiple QTS versions.

Summary generated and translated by AI from the official description.

An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, This could allow an attacker to modify system files. We have already fixed the vulnerability in the following versions: QTS 5.0.1: Photo Station 6.1.2 and later QTS 5.0.0/4.5.x: Photo Station 6.0.22 and later QTS 4.3.6: Photo Station 5.7.18 and later QTS 4.3.3: Photo Station 5.4.15 and later QTS 4.2.6: Photo Station 5.2.14 and later

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

Affected products

QNAP Systems Inc. · Photo Station

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-27593 https://www.qnap.com/en/security-advisory/qsa-22-24