Skip to main content

QNAP Video Station Command Injection Vulnerability

Last Update Date: 24 Nov 2017 10:32 Release Date: 24 Nov 2017 3822 Views

RISK: Medium Risk

TYPE: Servers - Media Streaming

TYPE: Media Streaming

A vulnerability has been identified in QNAP Video Station, which could be exploited by attackers to perform remote code execution on the target system.


Impact

  • Remote Code Execution

System / Technologies affected

  • Video Station versions 5.1.3 (for QTS 4.3.3), 5. 2.0 (for QTS 4.3.4), and earlier

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Update to version:
  • For QTS 4.3.3: Video Station 5.1.4
  • For QTS 4.3.4: Video Station 5.2.1

Vulnerability Identifier


Source


Related Link