What is CVE-2015-7261?

CVE-2015-7261 is a critical-severity vulnerability in Qnap Iartist_lite, classified under CWE-255. CVSS score: 9.8/10. Published 2016-02-27.

How severe is CVE-2015-7261?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Vulnerability in Qnap Iartist_lite

CVE-2015-7261

The FTP service in QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, has hardcoded credentials, which makes it easier for remote attackers to obtain access via a session on TCP port 21.

EPSS: 0.003 (52.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Qnap Iartist_lite
Qnap Signage_station
N/a — versions n/a

Weakness classification (CWE)

CWE-255

References

VU#444472 (x_refsource_CERT-VN, US Government Resource, Third Party Advisory, third-party-advisory)

Frequently asked questions

What is CVE-2015-7261?: CVE-2015-7261 is a critical-severity vulnerability in Qnap Iartist_lite, classified under CWE-255. CVSS score: 9.8/10. Published 2016-02-27.
How severe is CVE-2015-7261?: Critical severity. CVSS v3 base score is 9.8 out of 10.