Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qnap video station vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-44056
An improper authentication vulnerability has been reported to affect QNAP device running Video Station. If exploited, this vulnerability allows malicious users to compromise the security of the system. We have already fixed this vulnerability in the following versions of Video St...
Qnap Video Station
7.5
CVSSv2
CVE-2021-44055
An missing authorization vulnerability has been reported to affect QNAP device running Video Station. If exploited, this vulnerability allows remote malicious users to access data or perform actions that they should not be allowed to perform. We have already fixed this vulnerabil...
Qnap Video Station
7.5
CVSSv2
CVE-2017-13071
QNAP has already patched this vulnerability. This security concern allows a remote malicious user to run arbitrary commands on the QNAP Video Station 5.1.3 (for QTS 4.3.3), 5.2.0 (for QTS 4.3.4), and previous versions.
Qnap Video Station 5.1.3
Qnap Video Station 5.2.0
6.8
CVSSv2
CVE-2013-0144
Cross-site request forgery (CSRF) vulnerability in cgi-bin/create_user.cgi on QNAP VioStor NVR devices with firmware 4.0.3 allows remote malicious users to hijack the authentication of administrators for requests that create administrative accounts via a NEW USER action.
Qnap Viostor Network Video Recorder 4.0.3
Qnap Viostor Network Video Recorder -
6.5
CVSSv2
CVE-2021-28812
A command injection vulnerability has been reported to affect certain versions of Video Station. If exploited, this vulnerability allows remote malicious users to execute arbitrary commands. This issue affects: QNAP Systems Inc. Video Station versions before 5.5.4 on QTS 4.5.2; v...
Qnap Video Station
6.5
CVSSv2
CVE-2013-0143
cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by leveraging guest access and placing shell metacharacters in the query string.
Qnap Viostor Network Video Recorder 4.0.3
Qnap Viostor Network Video Recorder -
Qnap Surveillance Station Pro -
Qnap Nas -
1 EDB exploit
5
CVSSv2
CVE-2013-0142
QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote malicious users to obtain web-server login access via unspecified vectors.
Qnap Viostor Network Video Recorder 4.0.3
Qnap Viostor Network Video Recorder -
Qnap Surveillance Station Pro -
Qnap Nas -
3.5
CVSSv2
CVE-2019-7184
This cross-site scripting (XSS) vulnerability in Video Station allows remote malicious users to inject and execute scripts on the administrator’s management console. To fix this vulnerability, QNAP recommend updating Video Station to their latest versions.
Qnap Video Station
NA
CVE-2023-41287
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later
Qnap Video Station
NA
CVE-2023-41288
An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later
Qnap Video Station
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »