Описание
A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.
We have already fixed the vulnerability in the following version: Music Station 5.3.22 and later
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 5.3.0 (включая) до 5.3.22 (исключая)
cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00147
Низкий
7.7 High
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-22
CWE-22
Связанные уязвимости
CVSS3: 7.7
github
больше 2 лет назад
A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Music Station 5.3.22 and later
EPSS
Процентиль: 35%
0.00147
Низкий
7.7 High
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-22
CWE-22