Hardcoded Credentials in QNAP iArtist Lite FTP Service

Hardcoded Credentials in QNAP iArtist Lite FTP Service

CVE-2015-7261 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The FTP service in QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, has hardcoded credentials, which makes it easier for remote attackers to obtain access via a session on TCP port 21.

Learn more about our Web Application Penetration Testing UK.