Home/Product/qnap music station
Product

qnap music station

13 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-45038
>= 5.0.0 and < 5.4.0
An improper authentication vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow us
4.3MEDIUM
 CVE-2023-39299
>= 4.8.0 and < 4.8.11
A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to rea
7.5HIGH
 CVE-2023-23366
>= 5.3.0 and < 5.3.22
A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticate
7.7HIGH
 CVE-2023-23365
>= 5.3.0 and < 5.3.22
A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticate
7.7HIGH
 CVE-2020-36197
< 5.3.16
An improper access control vulnerability has been reported to affect earlier versions of Music Station. If exploited, this vulnera
7.1HIGH
 CVE-2020-2494
< 5.3.13
This cross-site scripting vulnerability in Music Station allows remote attackers to inject malicious code. QANP have already fixed
6.1MEDIUM
 CVE-2018-19952
>= 5.3.0 and < 5.3.11
If exploited, this SQL injection vulnerability could allow remote attackers to obtain application information. This issue affects:
7.5HIGH
 CVE-2018-19951
>= 5.3.0 and < 5.3.11
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. This issue affects: Q
6.1MEDIUM
 CVE-2018-19950
>= 5.3.0 and < 5.3.11
If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects:
9.8CRITICAL
 CVE-2019-7185
< 5.3.5
This cross-site scripting (XSS) vulnerability in Music Station allows remote attackers to inject and execute scripts on the admini
4.8MEDIUM
 CVE-2018-0729
< 5.3.5
This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. To fix the vuln
9.8CRITICAL
 CVE-2018-0718
<= 5.1.2
Command injection vulnerability in Music Station 5.1.2 and earlier versions in QNAP QTS 4.3.3 and 4.3.4 could allow remote attacke
9.8CRITICAL
 CVE-2017-13069
<= 4.8.6
QNAP discovered a number of command injection vulnerabilities found in Music Station versions 4.8.6 (for QTS 4.2.x), 5.0.7 (for QT
9.8CRITICAL
SOC and Response
Detection Engineering
Threat Hunting
Red Team and Pentest
Compliance and GRC
About
threatengine.sh