Vulnerability CVE-2023-39299


Published: 2023-11-03

Description:
A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network.

We have already fixed the vulnerability in the following versions:
Music Station 4.8.11 and later
Music Station 5.1.16 and later
Music Station 5.3.23 and later

Type:

CWE-22

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

 References:
https://www.qnap.com/en/security-advisory/qsa-23-61

Copyright 2026, cxsecurity.com

 

Back to Top