Music Station

music_station

Vendor: Qnap • 13 CVEs

CVEs (13)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-45038 1Qnap 1Music Station Sep 28, 2024 Sep 6, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 An improper authentication vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vul...Show more An improper authentication vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following version: Music Station 5.4.0 and laterShow less
CVE-2023-39299 1Qnap 1Music Station Nov 21, 2024 Nov 3, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have alrea...Show more A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: Music Station 4.8.11 and later Music Station 5.1.16 and later Music Station 5.3.23 and later Show less
CVE-2023-23366 1Qnap 1Music Station Nov 21, 2024 Oct 6, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network....Show more A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Music Station 5.3.22 and later Show less
CVE-2023-23365 1Qnap 1Music Station Nov 21, 2024 Oct 6, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network....Show more A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Music Station 5.3.22 and later Show less
CVE-2020-36197 1Qnap 1Music Station Nov 21, 2024 May 13, 2021 N/A· v4 8.8 HIGH· v3 5.8 MEDIUM· v2 An improper access control vulnerability has been reported to affect earlier versions of Music Station. If exploited, this vulnerability allows attackers to compromise the security of the software by gaining privileges,...Show more An improper access control vulnerability has been reported to affect earlier versions of Music Station. If exploited, this vulnerability allows attackers to compromise the security of the software by gaining privileges, reading sensitive information, executing commands, evading detection, etc. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.3.16 on QTS 4.5.2; versions prior to 5.2.10 on QTS 4.3.6; versions prior to 5.1.14 on QTS 4.3.3; versions prior to 5.3.16 on QuTS hero h4.5.2; versions prior to 5.3.16 on QuTScloud c4.5.4.Show less
CVE-2020-2494 1Qnap 1Music Station Nov 21, 2024 Dec 10, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 This cross-site scripting vulnerability in Music Station allows remote attackers to inject malicious code. QANP have already fixed this vulnerability in the following versions of Music Station. QuTS hero h4.5.1: Music St...Show more This cross-site scripting vulnerability in Music Station allows remote attackers to inject malicious code. QANP have already fixed this vulnerability in the following versions of Music Station. QuTS hero h4.5.1: Music Station 5.3.13 and later QTS 4.5.1: Music Station 5.3.12 and later QTS 4.4.3: Music Station 5.3.12 and laterShow less
CVE-2018-19952 1Qnap 1Music Station Nov 21, 2024 Nov 2, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 If exploited, this SQL injection vulnerability could allow remote attackers to obtain application information. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versio...Show more If exploited, this SQL injection vulnerability could allow remote attackers to obtain application information. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11.Show less
CVE-2018-19951 1Qnap 1Music Station Nov 21, 2024 Nov 2, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions...Show more If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11.Show less
CVE-2018-19950 1Qnap 1Music Station Nov 21, 2024 Nov 2, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versio...Show more If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11.Show less
CVE-2019-7185 1Qnap 1Music Station Nov 21, 2024 Dec 5, 2019 N/A· v4 4.8 MEDIUM· v3 3.5 LOW· v2 This cross-site scripting (XSS) vulnerability in Music Station allows remote attackers to inject and execute scripts on the administrator’s management console. To fix this vulnerability, QNAP recommend updating Music Sta...Show more This cross-site scripting (XSS) vulnerability in Music Station allows remote attackers to inject and execute scripts on the administrator’s management console. To fix this vulnerability, QNAP recommend updating Music Station to their latest versions.Show less
CVE-2018-0729 1Qnap 1Music Station Nov 21, 2024 Dec 4, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. To fix the vulnerability, QNAP recommend updating Music Station to their latest versions.
CVE-2018-0718 1Qnap 1Music Station Nov 21, 2024 Sep 14, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Command injection vulnerability in Music Station 5.1.2 and earlier versions in QNAP QTS 4.3.3 and 4.3.4 could allow remote attackers to run arbitrary commands in the compromised application.
CVE-2017-13069 1Qnap 1Music Station May 13, 2026 Oct 6, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 QNAP discovered a number of command injection vulnerabilities found in Music Station versions 4.8.6 (for QTS 4.2.x), 5.0.7 (for QTS 4.3.x), and earlier. If exploited, these vulnerabilities may allow a remote attacker to...Show more QNAP discovered a number of command injection vulnerabilities found in Music Station versions 4.8.6 (for QTS 4.2.x), 5.0.7 (for QTS 4.3.x), and earlier. If exploited, these vulnerabilities may allow a remote attacker to run arbitrary commands on the NAS.Show less