Security ID : QSA-24-13
Vulnerability in Photo Station
Release date : March 9, 2024
CVE identifier : CVE-2023-47221
Affected products: Photo Station 6.4.x
Severity
Medium
Status
Resolved
Summary
A path traversal vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network.
We have already fixed the vulnerability in the following version:
Affected Product | Fixed Version |
Photo Station 6.4.x | Photo Station 6.4.2 (2023/12/15) and later |
Recommendation
To fix the vulnerability, we recommend updating Photo Station to the latest version.
Updating Photo Station
- Log on to QTS or QuTS hero as an administrator.
- Open App Center and then click .
A search box appears. - Type "Photo Station" and then press ENTER.
Photo Station appears in the search results. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your Photo Station is already up to date. - Click OK.
The application is updated.
Attachment
Acknowledgements: YingMuo (@YingMuo), working with DEVCORE Internship Program
Revision History:
V1.0 (March 09, 2024) - Published