Music Station
Approved changes feed: RSS · Atom
cpe:2.3:a:qnap_systems_inc.:music_station:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Qnap Systems Inc. (1f66ac1e-0889-51bf-b27f-24c7175e5920) |
|---|---|
| Product | Music Station (60652bc6-9109-515a-ab45-23f09a187ac8) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-45038 |
vulnerable | 2026-06-03 14:53:07.330942 |
Music Station
MEDIUM (4.3)
An improper authentication vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to compromise the security of the system via a network.
We have already fixed the vulnerability in the following version:
Music Station 5.4.0 and later
Published: 2024-09-06T16:26:59.319Z
Updated: 2024-09-06T17:44:36.623Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-39299 |
vulnerable | 2026-06-03 14:52:38.586764 |
Music Station
HIGH (7.5)
A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network.
We have already fixed the vulnerability in the following versions:
Music Station 4.8.11 and later
Music Station 5.1.16 and later
Music Station 5.3.23 and later
Published: 2023-11-03T16:34:46.932Z
Updated: 2024-09-05T18:40:12.259Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-23366 |
vulnerable | 2026-06-03 14:49:21.305794 |
Music Station
HIGH (7.7)
A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.
We have already fixed the vulnerability in the following version:
Music Station 5.3.22 and later
Published: 2023-10-06T16:34:01.529Z
Updated: 2024-09-19T15:20:25.517Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-23365 |
vulnerable | 2026-06-03 14:49:21.304593 |
Music Station
HIGH (7.7)
A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.
We have already fixed the vulnerability in the following version:
Music Station 5.3.22 and later
Published: 2023-10-06T16:33:40.264Z
Updated: 2024-09-19T15:20:40.296Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-36197 |
vulnerable | 2026-06-03 14:42:33.287500 |
Improper Access Control Vulnerability in Music Station
HIGH (7.1)
An improper access control vulnerability has been reported to affect earlier versions of Music Station. If exploited, this vulnerability allows attackers to compromise the security of the software by gaining privileges, reading sensitive information, executing commands, evading detection, etc. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.3.16 on QTS 4.5.2; versions prior to 5.2.10 on QTS 4.3.6; versions prior to 5.1.14 on QTS 4.3.3; versions prior to 5.3.16 on QuTS hero h4.5.2; versions prior to 5.3.16 on QuTScloud c4.5.4.
Published: 2021-05-13T02:55:12.525Z
Updated: 2024-09-17T01:01:30.720Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-2494 |
vulnerable | 2026-06-03 14:42:30.438699 |
Cross-site Scripting Vulnerability in Music Station
This cross-site scripting vulnerability in Music Station allows remote attackers to inject malicious code. QANP have already fixed this vulnerability in the following versions of Music Station. QuTS hero h4.5.1: Music Station 5.3.13 and later QTS 4.5.1: Music Station 5.3.12 and later QTS 4.4.3: Music Station 5.3.12 and later
Published: 2020-12-10T03:36:27.203Z
Updated: 2024-09-17T00:40:59.501Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-19952 |
vulnerable | 2026-06-03 14:38:29.908844 |
Details available
If exploited, this SQL injection vulnerability could allow remote attackers to obtain application information. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11.
Published: 2020-11-02T15:57:02.626Z
Updated: 2024-09-17T02:58:07.767Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-19951 |
vulnerable | 2026-06-03 14:38:29.908352 |
Details available
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11.
Published: 2020-11-02T15:57:02.569Z
Updated: 2024-09-16T20:22:27.691Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-19950 |
vulnerable | 2026-06-03 14:38:29.905759 |
Details available
If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11.
Published: 2020-11-02T15:57:02.523Z
Updated: 2024-09-17T02:31:26.145Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.