安全ID : NAS-201901-14
Security Advisory for Photo Station Vulnerability
发布日期 : January 14, 2019
通用漏洞披露 : CVE-2018-0722
受影响产品: Photo Station versions:
5.7.2 and earlier in QTS 4.3.4
5.4.4 and earlier in QTS 4.3.3
5.2.8 and earlier in QTS 4.2.6
严重程度
Important
状态
已解决
Summary
A path traversal vulnerability has been reported to affect several Photo Station versions. If successfully exploited, the vulnerability could allow remote attackers to access sensitive information on the device.
We have already fixed these issues in the following versions.
QTS 4.3.4: Photo Station 5.7.3 and later.
QTS 4.3.3: Photo Station 5.4.5 and later.
QTS 4.2.6: Photo Station 5.2.9 and later.
Recommendation
To resolve the issue, you must update Photo Station to the latest version.
Upgrading Photo Station
- Log on to QTS as administrator.
- Open the App Center, and then click the Search icon.
A search box appears. - Type “Photo Station”, and then press ENTER.
The Photo Station application appears in the search results list. - Click Update.
A confirmation message appears. - Click OK.
The application is updated.
致谢: Yoni Ramon, security researcher
修订历史: V1.0 (January 14, 2019) - Published
