CPE-ACC01FE1-F0FE-4CD2-8F22-4EAD533F318F Detail

CPE Details

QNAP Media Streaming add-on 430.1.1.0

Vendor

qnap

Product

media_streaming_add-on

Version

430.1.1.0

Created

2021-04-21
22h36 +00:00

Modified

2021-04-27
13h08 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:qnap:media_streaming_add-on:430.1.1.0:::::::*

Informations

Vendor

qnap

Product

media_streaming_add-on

Version

430.1.1.0

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2021-34362	2021-10-22 04h25 +00:00	A command injection vulnerability has been reported to affect QNAP device running Media Streaming add-on. If exploited, this vulnerability allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of Media Streaming add-on: QTS 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later QTS 4.5.4: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later QTS 4.3.6: Media Streaming add-on 430.1.8.12 ( 2021/08/20 ) and later QTS 4.3.3: Media Streaming add-on 430.1.8.12 ( 2021/09/29 ) and later QuTS-Hero 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later	8.7	High
CVE-2020-36195	2021-04-17 03h50 +00:00	An SQL injection vulnerability has been reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on. If exploited, the vulnerability allows remote attackers to obtain application information. QNAP has already fixed this vulnerability in the following versions of Multimedia Console and the Media Streaming add-on. QTS 4.3.3: Media Streaming add-on 430.1.8.10 and later QTS 4.3.6: Media Streaming add-on 430.1.8.8 and later QTS 4.4.x and later: Multimedia Console 1.3.4 and later We have also fixed this vulnerability in the following versions of QTS 4.3.3 and QTS 4.3.6, respectively: QTS 4.3.3.1624 Build 20210416 or later QTS 4.3.6.1620 Build 20210322 or later	9.8	Critical
CVE-2017-7634	2018-03-08 14h00 +00:00	Cross-site scripting (XSS) vulnerability in QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to inject arbitrary web script or HTML. The injected code will only be triggered by a crafted link, not the normal page.	6.1	Medium
CVE-2017-7638	2018-03-08 14h00 +00:00	QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier does not authenticate requests properly. Successful exploitation could lead to change of the Media Streaming settings, and leakage of sensitive information of the QNAP NAS.	6.5	Medium
CVE-2017-7640	2018-03-08 14h00 +00:00	QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to run arbitrary OS commands against the system with root privileges.	9.8	Critical
CVE-2017-7641	2018-03-08 14h00 +00:00	QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier does not utilize CSRF protections.	8.8	High

QNAP Media Streaming add-on 430.1.1.0

CPE Details

CPE Name: cpe:2.3:a:qnap:media_streaming_add-on:430.1.1.0:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:qnap:media_streaming_add-on:430.1.1.0:::::::*