High severity8.8NVD Advisory· Published Feb 27, 2016· Updated May 6, 2026

CVE-2015-6022

Description

Unrestricted file upload vulnerability in QNAP Signage Station before 2.0.1 allows remote authenticated users to execute arbitrary code by uploading an executable file, and then accessing this file via an unspecified URL.

Affected products

Qnap/Signage Station
cpe:2.3:a:qnap:signage_station:*:*:*:*:*:*:*:*
Range: <=2.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/444472nvdThird Party AdvisoryUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000