Every CVE whose affected-product data names Qnap Video Station, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2023-34976 — CVSS 10.0 (critical): A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to…
CVE-2017-13071 — CVSS 9.8 (critical): QNAP has already patched this vulnerability. This security concern allows a remote attacker to run arbitrary commands on the QNAP Video…
CVE-2024-56804 — CVSS 8.8 (high): An SQL injection vulnerability has been reported to affect Video Station. If a remote attacker gains a user account, they can then exploit…
CVE-2021-28812 — CVSS 8.8 (high): A command injection vulnerability has been reported to affect certain versions of Video Station. If exploited, this vulnerability allows…
CVE-2023-41288 — CVSS 8.8 (high): An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to…
CVE-2023-50360 — CVSS 8.8 (high): A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to…
CVE-2023-47563 — CVSS 7.4 (high): An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated…
CVE-2021-44056 — CVSS 7.1 (high): An improper authentication vulnerability has been reported to affect QNAP device running Video Station. If exploited, this vulnerability…
CVE-2024-14024 — CVSS 6.7 (medium): An improper certificate validation vulnerability has been reported to affect Video Station. If an attacker gains local network access who…
CVE-2024-14025 — CVSS 6.7 (medium): An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an…
CVE-2023-34975 — CVSS 6.6 (medium): An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability…
CVE-2021-44055 — CVSS 5.3 (medium): An missing authorization vulnerability has been reported to affect QNAP device running Video Station. If exploited, this vulnerability…
CVE-2019-7184 — CVSS 4.8 (medium): This cross-site scripting (XSS) vulnerability in Video Station allows remote attackers to inject and execute scripts on the…
CVE-2023-34977 — CVSS 4.6 (medium): A cross-site scripting (XSS) vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow…
CVE-2023-41287 — CVSS 4.3 (medium): A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to inject…