CVE-2022-27593
QNAP Photo Station Externally Controlled Reference Vulnerability
⚠ KEVEPSS 93.8%
Description
Certain QNAP NAS running Photo Station with internet exposure contain an externally controlled reference to a resource vulnerability which can allow an attacker to modify system files. This vulnerability was observed being utilized in a Deadbolt ransomware campaign.
How to fix CVE-2022-27593
No package mapping is available — consult the references below for vendor-specific guidance.
Is CVE-2022-27593 being exploited?
Yes — CVE-2022-27593 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.
Affected packages (0)
No package mapping in OSV.