Qnap

Music Station

13 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2023-45038

  • EPSS 0.07%
  • Published 06.09.2024 17:15:12
  • Last modified 28.09.2024 23:51:34

An improper authentication vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following ve...

7.5

CVE-2023-39299

  • EPSS 0.13%
  • Published 03.11.2023 17:15:08
  • Last modified 21.11.2024 08:15:06

A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in ...

6.5

CVE-2023-23365

  • EPSS 0.15%
  • Published 06.10.2023 17:15:11
  • Last modified 21.11.2024 07:46:02

A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vul...

6.5

CVE-2023-23366

  • EPSS 0.15%
  • Published 06.10.2023 17:15:11
  • Last modified 21.11.2024 07:46:02

A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vul...

8.8

CVE-2020-36197

  • EPSS 2.59%
  • Published 13.05.2021 03:15:06
  • Last modified 21.11.2024 05:28:59

An improper access control vulnerability has been reported to affect earlier versions of Music Station. If exploited, this vulnerability allows attackers to compromise the security of the software by gaining privileges, reading sensitive information,...

6.1

CVE-2020-2494

  • EPSS 0.27%
  • Published 10.12.2020 04:15:11
  • Last modified 21.11.2024 05:25:20

This cross-site scripting vulnerability in Music Station allows remote attackers to inject malicious code. QANP have already fixed this vulnerability in the following versions of Music Station. QuTS hero h4.5.1: Music Station 5.3.13 and later QTS 4.5...

9.8

CVE-2018-19950

  • EPSS 3.36%
  • Published 02.11.2020 16:15:13
  • Last modified 21.11.2024 03:58:52

If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11.

6.1

CVE-2018-19951

  • EPSS 0.27%
  • Published 02.11.2020 16:15:13
  • Last modified 21.11.2024 03:58:52

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11.

7.5

CVE-2018-19952

  • EPSS 0.3%
  • Published 02.11.2020 16:15:13
  • Last modified 21.11.2024 03:58:52

If exploited, this SQL injection vulnerability could allow remote attackers to obtain application information. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11.

4.8

CVE-2019-7185

  • EPSS 0.21%
  • Published 05.12.2019 17:15:12
  • Last modified 21.11.2024 04:47:44

This cross-site scripting (XSS) vulnerability in Music Station allows remote attackers to inject and execute scripts on the administrator’s management console. To fix this vulnerability, QNAP recommend updating Music Station to their latest versions.