Qnap Video Station
By the Year
In 2024 there have been 2 vulnerabilities in Qnap Video Station with an average score of 8.8 out of ten. Last year Video Station had 3 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Video Station in 2024 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2024 is greater by 1.13.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 2 | 8.80 |
| 2023 | 3 | 7.67 |
| 2022 | 2 | 9.80 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Video Station vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Qnap Video Station Security Vulnerabilities
An OS command injection vulnerability has been reported to affect Video Station
CVE-2023-41288
8.8 - High
- January 05, 2024
An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later
Shell injection
A SQL injection vulnerability has been reported to affect Video Station
CVE-2023-41287
8.8 - High
- January 05, 2024
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later
SQL Injection
A cross-site scripting (XSS) vulnerability has been reported to affect Video Station
CVE-2023-34977
5.4 - Medium
- October 13, 2023
A cross-site scripting (XSS) vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.0 ( 2023/07/27 ) and later
XSS
A SQL injection vulnerability has been reported to affect Video Station
CVE-2023-34976
8.8 - High
- October 13, 2023
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.0 ( 2023/07/27 ) and later
SQL Injection
An OS command injection vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-34975
8.8 - High
- October 13, 2023
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. QuTScloud c5.1.x is not affected. We have already fixed the vulnerability in the following versions: QuTS hero h4.5.4.2626 build 20231225 and later QTS 4.5.4.2627 build 20231225 and later
Shell injection
An improper authentication vulnerability has been reported to affect QNAP device running Video Station
CVE-2021-44056
9.8 - Critical
- May 05, 2022
An improper authentication vulnerability has been reported to affect QNAP device running Video Station. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of Video Station: Video Station 5.5.9 and later Video Station 5.3.13 and later Video Station 5.1.8 and later
authentification
An missing authorization vulnerability has been reported to affect QNAP device running Video Station
CVE-2021-44055
9.8 - Critical
- May 05, 2022
An missing authorization vulnerability has been reported to affect QNAP device running Video Station. If exploited, this vulnerability allows remote attackers to access data or perform actions that they should not be allowed to perform. We have already fixed this vulnerability in the following versions of Video Station: Video Station 5.5.9 ( 2022/02/16 ) and later
AuthZ
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Qnap Video Station or by Qnap? Click the Watch button to subscribe.
