Qnap Music_station

13 CVEs affecting Qnap Music_station. Latest disclosed: 2024-09-06. Critical: 4, High: 5.

Top CVEs affecting Qnap Music_station
CVESeverityScorePublishedSummary
CVE-2018-19950Critical9.82020-11-02If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Music Stat…
CVE-2018-0729Critical9.82019-12-04This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. To fix the vulnerability, QNAP recommend upd…
CVE-2018-0718Critical9.82018-09-14Command injection vulnerability in Music Station 5.1.2 and earlier versions in QNAP QTS 4.3.3 and 4.3.4 could allow remote attackers to run arbitrary commands…
CVE-2017-13069Critical9.82017-10-06QNAP discovered a number of command injection vulnerabilities found in Music Station versions 4.8.6 (for QTS 4.2.x), 5.0.7 (for QTS 4.3.x), and earlier. If exp…
CVE-2023-23366High7.72023-10-06A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents…
CVE-2023-23365High7.72023-10-06A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents…
CVE-2023-39299High7.52023-11-03A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to read the contents of unexpected…
CVE-2018-19952High7.52020-11-02If exploited, this SQL injection vulnerability could allow remote attackers to obtain application information. This issue affects: QNAP Systems Inc. Music Stat…
CVE-2020-36197High7.12021-05-13An improper access control vulnerability has been reported to affect earlier versions of Music Station. If exploited, this vulnerability allows attackers to co…
CVE-2020-2494Medium6.12020-12-10This cross-site scripting vulnerability in Music Station allows remote attackers to inject malicious code. QANP have already fixed this vulnerability in the fo…
CVE-2018-19951Medium6.12020-11-02If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Music Statio…
CVE-2019-7185Medium4.82019-12-05This cross-site scripting (XSS) vulnerability in Music Station allows remote attackers to inject and execute scripts on the administrator’s management console…
CVE-2023-45038Medium4.32024-09-06An improper authentication vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to compromise the securit…