Vulnerabilities (CVE)

Filtered by vendor Qnap Subscribe
Filtered by product Video Station
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-44056 1 Qnap 1 Video Station 2022-05-13 10.0 HIGH 9.8 CRITICAL
An improper authentication vulnerability has been reported to affect QNAP device running Video Station. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of Video Station: Video Station 5.5.9 and later Video Station 5.3.13 and later Video Station 5.1.8 and later
CVE-2021-44055 1 Qnap 1 Video Station 2022-05-13 7.5 HIGH 9.8 CRITICAL
An missing authorization vulnerability has been reported to affect QNAP device running Video Station. If exploited, this vulnerability allows remote attackers to access data or perform actions that they should not be allowed to perform. We have already fixed this vulnerability in the following versions of Video Station: Video Station 5.5.9 ( 2022/02/16 ) and later
CVE-2021-28812 1 Qnap 4 Qts, Quts Hero, Qutscloud and 1 more 2021-06-11 6.5 MEDIUM 8.8 HIGH
A command injection vulnerability has been reported to affect certain versions of Video Station. If exploited, this vulnerability allows remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Video Station versions prior to 5.5.4 on QTS 4.5.2; versions prior to 5.5.4 on QuTS hero h4.5.2; versions prior to 5.5.4 on QuTScloud c4.5.4. This issue does not affect: QNAP Systems Inc. Video Station on QTS 4.3.6; on QTS 4.3.3.
CVE-2019-7184 1 Qnap 2 Qts, Video Station 2020-02-10 3.5 LOW 4.8 MEDIUM
This cross-site scripting (XSS) vulnerability in Video Station allows remote attackers to inject and execute scripts on the administrator’s management console. To fix this vulnerability, QNAP recommend updating Video Station to their latest versions.
CVE-2017-13071 1 Qnap 2 Qts, Video Station 2017-12-12 7.5 HIGH 9.8 CRITICAL
QNAP has already patched this vulnerability. This security concern allows a remote attacker to run arbitrary commands on the QNAP Video Station 5.1.3 (for QTS 4.3.3), 5.2.0 (for QTS 4.3.4), and earlier.