An SQL injection vulnerability has been reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on. If exploited, the vulnerability allows remote attackers to obtain application information. QNAP has already fixed this vulnerability in the following versions of Multimedia Console and the Media Streaming add-on. QTS 4.3.3: Media Streaming add-on 430.1.8.10 and later QTS 4.3.6: Media Streaming add-on 430.1.8.8 and later QTS 4.4.x and later: Multimedia Console 1.3.4 and later We have also fixed this vulnerability in the following versions of QTS 4.3.3 and QTS 4.3.6, respectively: QTS 4.3.3.1624 Build 20210416 or later QTS 4.3.6.1620 Build 20210322 or later
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: qnap

Published: 2021-04-17T03:50:13.274444Z

Updated: 2024-09-16T17:28:07.500Z

Reserved: 2021-01-19T00:00:00

Link: CVE-2020-36195

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2021-04-17T04:15:11.610

Modified: 2021-04-23T14:12:11.347

Link: CVE-2020-36195

cve-icon Redhat

No data.