An SQL injection vulnerability has been reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on. If exploited, the vulnerability allows remote attackers to obtain application information. QNAP has already fixed this vulnerability in the following versions of Multimedia Console and the Media Streaming add-on. QTS 4.3.3: Media Streaming add-on 430.1.8.10 and later QTS 4.3.6: Media Streaming add-on 430.1.8.8 and later QTS 4.4.x and later: Multimedia Console 1.3.4 and later We have also fixed this vulnerability in the following versions of QTS 4.3.3 and QTS 4.3.6, respectively: QTS 4.3.3.1624 Build 20210416 or later QTS 4.3.6.1620 Build 20210322 or later
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.qnap.com/en/security-advisory/qsa-21-11 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: qnap
Published: 2021-04-17T03:50:13.274444Z
Updated: 2024-09-16T17:28:07.500Z
Reserved: 2021-01-19T00:00:00
Link: CVE-2020-36195
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-04-17T04:15:11.610
Modified: 2021-04-23T14:12:11.347
Link: CVE-2020-36195
Redhat
No data.