Qnap: >> Video Station >> 5.7.1 Security Vulnerabilities
An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to execute commands via a network.
We have already fixed the vulnerability in the following version:
Video Station 5.8.2 and later
CVSS Score
7.4
EPSS Score
0.009
Published
2024-09-06
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We have already fixed the vulnerability in the following version:
Video Station 5.8.1 ( 2024/02/26 ) and later
CVSS Score
8.8
EPSS Score
0.001
Published
2024-09-06
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to inject malicious code via a network.
We have already fixed the vulnerability in the following version:
Video Station 5.7.2 ( 2023/11/23 ) and later
CVSS Score
4.3
EPSS Score
0.001
Published
2024-01-05
An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to execute commands via a network.
We have already fixed the vulnerability in the following version:
Video Station 5.7.2 ( 2023/11/23 ) and later
CVSS Score
8.8
EPSS Score
0.002
Published
2024-01-05
A cross-site scripting (XSS) vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We have already fixed the vulnerability in the following version:
Video Station 5.7.0 ( 2023/07/27 ) and later
CVSS Score
4.6
EPSS Score
0.002
Published
2023-10-13