Vulnerability Details CVE-2024-56804
An SQL injection vulnerability has been reported to affect Video Station. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands.
We have already fixed the vulnerability in the following version:
Video Station 5.8.4 and later
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.1%
CVSS Severity
CVSS v3 Score 8.8
Products affected by CVE-2024-56804
-
cpe:2.3:a:qnap:video_station:5.8.0
-
cpe:2.3:a:qnap:video_station:5.8.1
-
cpe:2.3:a:qnap:video_station:5.8.2