CVE-2018-0729

Summary

This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. To fix the vulnerability, QNAP recommend updating Music Station to their latest versions.

Affected Software

VendorProductVersion RangeStatus
n/aQNAP NAS devicesQTS 4.4.1: Music Station before version 5.3.5, QTS 4.3.6: Music Station before version 5.2.7, QTS 4.3.4: Music Station before version 5.1.11, QTS 4.3.3: Music Station before version 5.1.11, QTS 4.2.6: Music Station before version 4.8.8affected

Weaknesses

  • Commend Injection

ADP Enrichment

CVE Program Container

Additional References

References