Media Streaming Add On
Approved changes feed: RSS · Atom
cpe:2.3:a:qnap_systems_inc.:media_streaming_add-on:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Qnap Systems Inc. (1f66ac1e-0889-51bf-b27f-24c7175e5920) |
|---|---|
| Product | Media Streaming Add On (862d193e-fb26-53da-89a1-46315c2a13b8) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-59383 |
vulnerable | 2026-06-03 15:06:25.031839 |
Media Streaming Add-on
A buffer overflow vulnerability has been reported to affect Media Streaming Add-On. The remote attackers can then exploit the vulnerability to modify memory or crash processes.
We have already fixed the vulnerability in the following version:
Media Streaming Add-on 500.1.1 and later
Published: 2026-03-20T16:22:07.367Z
Updated: 2026-03-25T14:00:24.616Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-56808 |
vulnerable | 2026-06-03 14:57:50.336867 |
Media Streaming add-on
A command injection vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access who have also gained a user account, they can then exploit the vulnerability to execute arbitrary commands.
We have already fixed the vulnerability in the following version:
Media Streaming add-on 500.1.1.6 ( 2024/08/02 ) and later
Published: 2026-02-11T12:20:08.765Z
Updated: 2026-02-11T14:27:11.982Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-56807 |
vulnerable | 2026-06-03 14:57:50.335389 |
Media Streaming add-on
An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret data.
We have already fixed the vulnerability in the following version:
Media Streaming add-on 500.1.1.6 ( 2024/08/02 ) and later
Published: 2026-02-11T12:20:14.724Z
Updated: 2026-02-11T14:23:50.298Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-50395 |
vulnerable | 2026-06-03 14:57:24.170004 |
Media Streaming add-on
An authorization bypass through user-controlled key vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow local network attackers to gain privilege.
We have already fixed the vulnerability in the following version:
Media Streaming add-on 500.1.1.6 ( 2024/08/02 ) and later
Published: 2024-11-22T15:31:47.697Z
Updated: 2024-11-22T16:48:42.193Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-47222 |
vulnerable | 2026-06-03 14:53:17.216364 |
Media Streaming add-on
CRITICAL (9.6)
An exposure of sensitive information vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow users to compromise the security of the system via a network.
We have already fixed the vulnerability in the following version:
Media Streaming add-on 500.1.1.5 ( 2024/01/22 ) and later
Published: 2024-04-26T15:01:27.370Z
Updated: 2024-08-02T21:01:22.689Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-47220 |
vulnerable | 2026-06-03 14:53:17.211907 |
Media Streaming add-on
MEDIUM (6.6)
An OS command injection vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.
We have already fixed the vulnerability in the following version:
Media Streaming add-on 500.1.1.5 ( 2024/01/22 ) and later
Published: 2024-05-03T02:32:04.674Z
Updated: 2024-08-02T21:01:22.912Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-23369 |
vulnerable | 2026-06-03 14:49:21.347731 |
QTS, Multimedia Console, and Media Streaming add-on
CRITICAL (9)
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network.
We have already fixed the vulnerability in the following versions:
Multimedia Console 2.1.2 ( 2023/05/04 ) and later
Multimedia Console 1.4.8 ( 2023/05/05 ) and later
QTS 5.1.0.2399 build 20230515 and later
QTS 4.3.6.2441 build 20230621 and later
QTS 4.3.4.2451 build 20230621 and later
QTS 4.3.3.2420 build 20230621 and later
QTS 4.2.6 build 20230621 and later
Media Streaming add-on 500.1.1.2 ( 2023/06/12 ) and later
Media Streaming add-on 500.0.0.11 ( 2023/06/16 ) and later
Published: 2023-11-03T16:34:40.084Z
Updated: 2025-02-27T20:34:32.639Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34362 |
vulnerable | 2026-06-03 14:44:44.759161 |
Command Injection Vulnerability in Media Streaming Add-on
HIGH (8.7)
A command injection vulnerability has been reported to affect QNAP device running Media Streaming add-on. If exploited, this vulnerability allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of Media Streaming add-on: QTS 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later QTS 4.5.4: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later QTS 4.3.6: Media Streaming add-on 430.1.8.12 ( 2021/08/20 ) and later QTS 4.3.3: Media Streaming add-on 430.1.8.12 ( 2021/09/29 ) and later QuTS-Hero 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later
Published: 2021-10-22T04:25:09.871Z
Updated: 2024-09-16T16:17:27.193Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-36195 |
vulnerable | 2026-06-03 14:42:33.266670 |
SQL Injection Vulnerability in Multimedia Console and the Media Streaming Add-On
CRITICAL (9.8)
An SQL injection vulnerability has been reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on. If exploited, the vulnerability allows remote attackers to obtain application information. QNAP has already fixed this vulnerability in the following versions of Multimedia Console and the Media Streaming add-on. QTS 4.3.3: Media Streaming add-on 430.1.8.10 and later QTS 4.3.6: Media Streaming add-on 430.1.8.8 and later QTS 4.4.x and later: Multimedia Console 1.3.4 and later We have also fixed this vulnerability in the following versions of QTS 4.3.3 and QTS 4.3.6, respectively: QTS 4.3.3.1624 Build 20210416 or later QTS 4.3.6.1620 Build 20210322 or later
Published: 2021-04-17T03:50:13.274Z
Updated: 2024-09-16T17:28:07.500Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.