CVE-2017-7638

Summary

QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier does not authenticate requests properly. Successful exploitation could lead to change of the Media Streaming settings, and leakage of sensitive information of the QNAP NAS.

Affected Software

VendorProductVersion RangeStatus
QNAPQNAP Media Streaming Add-On421.1.0.2, 430.1.2.0, and earlieraffected

Weaknesses

  • Incorrect Access Control

ADP Enrichment

CVE Program Container

Additional References

References