COOEY // HUBcompliance · community · intelligence

FAIL › dossier

Photo Station product

4
failure events
0
zero-days
0
RCEs
4
on KEV
4
critical
80
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 4 events

DateEventSevFlagsShameSummary
2022-09-08 CVE-2022-27593 critical ⌖KEV 80 Certain QNAP NAS running Photo Station with internet exposure contain an externally controlled reference to a resource vulnerability which can allow an attacker to modify system files. This vulnerability was observed being utilized in a Deadbolt ransomware campaign.
2022-06-08 CVE-2019-7194 critical ⌖KEV 80 QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files.
2022-06-08 CVE-2019-7195 critical ⌖KEV 80 QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files.
2022-06-08 CVE-2019-7192 critical ⌖KEV 80 QNAP NAS devices running Photo Station contain an improper access control vulnerability allowing remote attackers to gain unauthorized access to the system.