CVE-2019-7194CISA KEVEPSS p99.6%

CVE-2019-7194QNAP Photo Station Path Traversal Vulnerability

QNAP / Photo Station

Description

QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files.

Scoring

EPSS82.97% probability of exploitation · percentile 99.6% · 2026-06-15T12:03:41Z

CISA KEV entry

Added to KEV: 2022-06-08

(incoming)1

TypeTargetConfidenceTier
KEVEntryQNAP Photo Station Path Traversal Vulnerabilitykev-cve-2019-71940%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
QNAP Photo Station Improper Access Control Vulnerability
CVE
QNAP NAS File Station Command Injection Vulnerability
CVE
QNAP QTS Improper Input Validation Vulnerability
CVE
QNAP NAS File Station Cross-Site Scripting Vulnerability
CVE
QNAP Network-Attached Storage (NAS) Command Injection Vulnerability
CVE
QNAP Photo Station Externally Controlled Reference Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.