Search

Security ID : NAS-201901-14

Security Advisory for Photo Station Vulnerability

  • Release date : January 14, 2019

  • CVE identifier : CVE-2018-0722

  • Affected products: Photo Station versions:
    5.7.2 and earlier in QTS 4.3.4
    5.4.4 and earlier in QTS 4.3.3
    5.2.8 and earlier in QTS 4.2.6

Severity

Important

Status

Resolved

Summary

A path traversal vulnerability has been reported to affect several Photo Station versions. If successfully exploited, the vulnerability could allow remote attackers to access sensitive information on the device.

We have already fixed these issues in the following versions.
QTS 4.3.4: Photo Station 5.7.3 and later.
QTS 4.3.3: Photo Station 5.4.5 and later.
QTS 4.2.6: Photo Station 5.2.9 and later.

Recommendation

To resolve the issue, you must update Photo Station to the latest version.

Upgrading Photo Station

  1. Log on to QTS as administrator.
  2. Open the App Center, and then click the Search icon.
    A search box appears.
  3. Type “Photo Station”, and then press ENTER.
    The Photo Station application appears in the search results list.
  4. Click Update.
    A confirmation message appears.
  5. Click OK.
    The application is updated.

 

Acknowledgements: Yoni Ramon, security researcher

Revision History: V1.0 (January 14, 2019) - Published

Choose specification

      Show more Less

      Choose Your Country or Region

      open menu
      back to top