Vulnerabilities (CVE)

Filtered by vendor Qnap Subscribe

Filtered by product Media Streaming Add-on

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-7638	1 Qnap	2 Media Streaming Add-on, Qts	2018-03-27	6.4 MEDIUM	6.5 MEDIUM
QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier does not authenticate requests properly. Successful exploitation could lead to change of the Media Streaming settings, and leakage of sensitive information of the QNAP NAS.
CVE-2017-7634	1 Qnap	2 Media Streaming Add-on, Qts	2018-03-27	4.3 MEDIUM	6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to inject arbitrary web script or HTML. The injected code will only be triggered by a crafted link, not the normal page.