Shodan
Vulnerabilities
Vulnerable Software
Qnap:  >> Video Station  >> 5.5.9  Security Vulnerabilities
CVE-2024-14025
An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Video Station 5.8.2 and later
CVSS Score
6.7
EPSS Score
0.0
Published
2026-03-11
CVE-2024-14024
An improper certificate validation vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: Video Station 5.8.2 and later
CVSS Score
6.7
EPSS Score
0.0
Published
2026-03-11
CVE-2023-47563
An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: Video Station 5.8.2 and later
CVSS Score
7.4
EPSS Score
0.007
Published
2024-09-06
CVE-2023-50360
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.8.1 ( 2024/02/26 ) and later
CVSS Score
8.8
EPSS Score
0.004
Published
2024-09-06
CVE-2023-34975
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. QuTScloud is not affected. We have already fixed the vulnerability in the following versions: QuTS hero h4.5.4.2626 build 20231225 and later QTS 4.5.4.2627 build 20231225 and later
CVSS Score
6.6
EPSS Score
0.001
Published
2023-10-13
CVE-2023-34976
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.0 ( 2023/07/27 ) and later
CVSS Score
10.0
EPSS Score
0.002
Published
2023-10-13
CVE-2023-34977
A cross-site scripting (XSS) vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.0 ( 2023/07/27 ) and later
CVSS Score
4.6
EPSS Score
0.002
Published
2023-10-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved