Vulnerability CVE-2023-50360
Published: 2024-09-06

Description:
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.

We have already fixed the vulnerability in the following version:
Video Station 5.8.1 ( 2024/02/26 ) and later

Type:

CWE-89

 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

 References:
https://www.qnap.com/en/security-advisory/qsa-24-24
Copyright 2026, cxsecurity.com

 

Back to Top