Vulnerabilities > Qnap > Media Streaming ADD ON > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-11-03 CVE-2023-23369 OS Command Injection vulnerability in Qnap QTS
An OS command injection vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-78
critical
 9.8
9.8
2021-04-17 CVE-2020-36195 SQL Injection vulnerability in Qnap QTS
An SQL injection vulnerability has been reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on.
network
low complexity
qnap CWE-89
critical
 9.8
9.8
2018-03-08 CVE-2017-7640 OS Command Injection vulnerability in Qnap Media Streaming Add-On
QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to run arbitrary OS commands against the system with root privileges.
network
low complexity
qnap CWE-78
critical
 9.8
9.8