Qnap Music_station
13 CVEs affecting Qnap Music_station. Latest disclosed: 2024-09-06. Critical: 4, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-19950 | Critical | 9.8 | 2020-11-02 | If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Music Stat… |
CVE-2018-0729 | Critical | 9.8 | 2019-12-04 | This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. To fix the vulnerability, QNAP recommend upd… |
CVE-2018-0718 | Critical | 9.8 | 2018-09-14 | Command injection vulnerability in Music Station 5.1.2 and earlier versions in QNAP QTS 4.3.3 and 4.3.4 could allow remote attackers to run arbitrary commands… |
CVE-2017-13069 | Critical | 9.8 | 2017-10-06 | QNAP discovered a number of command injection vulnerabilities found in Music Station versions 4.8.6 (for QTS 4.2.x), 5.0.7 (for QTS 4.3.x), and earlier. If exp… |
CVE-2023-23366 | High | 7.7 | 2023-10-06 | A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents… |
CVE-2023-23365 | High | 7.7 | 2023-10-06 | A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents… |
CVE-2023-39299 | High | 7.5 | 2023-11-03 | A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to read the contents of unexpected… |
CVE-2018-19952 | High | 7.5 | 2020-11-02 | If exploited, this SQL injection vulnerability could allow remote attackers to obtain application information. This issue affects: QNAP Systems Inc. Music Stat… |
CVE-2020-36197 | High | 7.1 | 2021-05-13 | An improper access control vulnerability has been reported to affect earlier versions of Music Station. If exploited, this vulnerability allows attackers to co… |
CVE-2020-2494 | Medium | 6.1 | 2020-12-10 | This cross-site scripting vulnerability in Music Station allows remote attackers to inject malicious code. QANP have already fixed this vulnerability in the fo… |
CVE-2018-19951 | Medium | 6.1 | 2020-11-02 | If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Music Statio… |
CVE-2019-7185 | Medium | 4.8 | 2019-12-05 | This cross-site scripting (XSS) vulnerability in Music Station allows remote attackers to inject and execute scripts on the administrator’s management console… |
CVE-2023-45038 | Medium | 4.3 | 2024-09-06 | An improper authentication vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to compromise the securit… |