Vulnerabilities > CVE-2023-41287 - Unspecified vulnerability in Qnap Video Station 5.7.1

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

qnap

NVD

Published: 2024-01-05

Updated: 2024-11-21

Summary

A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later

Vulnerable Configurations

Part	Description	Count
Application	Qnap Qnap Video Station 5.7.1	1

References

https://www.qnap.com/en/security-advisory/qsa-23-55
https://www.qnap.com/en/security-advisory/qsa-23-55