← voltar
CVE-2024-14025

Video Station

CVSS 0.1 LOWEPSS 0.1%CWE-89
Vexday Risk Score
8Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 0.1EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
11 mar 2026Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Video Station 5.8.2 and later
CVSS:4.0/AV:P/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:U
Produtos afetados
QNAP Systems Inc. · Video Station

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.qnap.com/en/security-advisory/qsa-24-24