Qnap Media_streaming_add-on

13 CVEs affecting Qnap Media_streaming_add-on. Latest disclosed: 2026-03-20. Critical: 5, High: 4.

Top CVEs affecting Qnap Media_streaming_add-on
CVESeverityScorePublishedSummary
CVE-2020-36195Critical9.82021-04-17An SQL injection vulnerability has been reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on. If exploited, the vulnerability a…
CVE-2017-7640Critical9.82018-03-08QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to run arbitrary OS commands against the system w…
CVE-2023-47222Critical9.62024-04-26An exposure of sensitive information vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow users to com…
CVE-2025-59383Critical9.12026-03-20A buffer overflow vulnerability has been reported to affect Media Streaming Add-On. The remote attackers can then exploit the vulnerability to modify memory or…
CVE-2023-23369Critical9.02023-11-03An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to…
CVE-2024-50395High8.82024-11-22An authorization bypass through user-controlled key vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could all…
CVE-2017-7641High8.82018-03-08QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier does not utilize CSRF protections.
CVE-2021-34362High8.72021-10-22A command injection vulnerability has been reported to affect QNAP device running Media Streaming add-on. If exploited, this vulnerability allow remote attacke…
CVE-2024-56808High7.82026-02-11A command injection vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access who have also gained a user acc…
CVE-2023-47220Medium6.62024-05-03An OS command injection vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow authenticated administrat…
CVE-2017-7638Medium6.52018-03-08QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier does not authenticate requests properly. Successful exploitation could le…
CVE-2017-7634Medium6.12018-03-08Cross-site scripting (XSS) vulnerability in QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to in…
CVE-2024-56807Medium5.52026-02-11An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vu…