Media Streaming Add On
Monthly
A stack-based buffer overflow vulnerability exists in QNAP Media Streaming Add-On that allows remote attackers to corrupt memory or crash the affected process. All versions prior to 500.1.1 are vulnerable, and the attack requires no authentication or user interaction. While no CVSS score or EPSS data is currently available, the presence of a confirmed patch and the critical nature of buffer overflow vulnerabilities in media processing software suggests this warrants immediate patching.
A command injection vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access who have also gained a user account, they can then exploit the vulnerability to execute arbitrary commands. [CVSS 7.8 HIGH]
An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret data. [CVSS 5.5 MEDIUM]
A stack-based buffer overflow vulnerability exists in QNAP Media Streaming Add-On that allows remote attackers to corrupt memory or crash the affected process. All versions prior to 500.1.1 are vulnerable, and the attack requires no authentication or user interaction. While no CVSS score or EPSS data is currently available, the presence of a confirmed patch and the critical nature of buffer overflow vulnerabilities in media processing software suggests this warrants immediate patching.
A command injection vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access who have also gained a user account, they can then exploit the vulnerability to execute arbitrary commands. [CVSS 7.8 HIGH]
An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret data. [CVSS 5.5 MEDIUM]