THREATOPS
THREAT OPSCVEs › CVE-2022-27593

CVE-2022-27593 — QNAP Photo Station Externally Controlled Reference Vulnerability

CISA KEVExploited: confirmedQNAP

Certain QNAP NAS running Photo Station with internet exposure contain an externally controlled reference to a resource vulnerability which can allow an attacker to modify system files. This vulnerability was observed being utilized in a Deadbolt ransomware campaign.

Vulnerability details