Qnap Media_streaming_add-on
13 CVEs affecting Qnap Media_streaming_add-on. Latest disclosed: 2026-03-20. Critical: 5, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-36195 | Critical | 9.8 | 2021-04-17 | An SQL injection vulnerability has been reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on. If exploited, the vulnerability a… |
CVE-2017-7640 | Critical | 9.8 | 2018-03-08 | QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to run arbitrary OS commands against the system w… |
CVE-2023-47222 | Critical | 9.6 | 2024-04-26 | An exposure of sensitive information vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow users to com… |
CVE-2025-59383 | Critical | 9.1 | 2026-03-20 | A buffer overflow vulnerability has been reported to affect Media Streaming Add-On. The remote attackers can then exploit the vulnerability to modify memory or… |
CVE-2023-23369 | Critical | 9.0 | 2023-11-03 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to… |
CVE-2024-50395 | High | 8.8 | 2024-11-22 | An authorization bypass through user-controlled key vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could all… |
CVE-2017-7641 | High | 8.8 | 2018-03-08 | QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier does not utilize CSRF protections. |
CVE-2021-34362 | High | 8.7 | 2021-10-22 | A command injection vulnerability has been reported to affect QNAP device running Media Streaming add-on. If exploited, this vulnerability allow remote attacke… |
CVE-2024-56808 | High | 7.8 | 2026-02-11 | A command injection vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access who have also gained a user acc… |
CVE-2023-47220 | Medium | 6.6 | 2024-05-03 | An OS command injection vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow authenticated administrat… |
CVE-2017-7638 | Medium | 6.5 | 2018-03-08 | QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier does not authenticate requests properly. Successful exploitation could le… |
CVE-2017-7634 | Medium | 6.1 | 2018-03-08 | Cross-site scripting (XSS) vulnerability in QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to in… |
CVE-2024-56807 | Medium | 5.5 | 2026-02-11 | An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vu… |