Video Station
Approved changes feed: RSS · Atom
cpe:2.3:a:qnap_systems_inc.:video_station:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Qnap Systems Inc. (1f66ac1e-0889-51bf-b27f-24c7175e5920) |
|---|---|
| Product | Video Station (249a157d-d8d1-51e7-ab90-8ac86a2a5b9d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-56804 |
vulnerable | 2026-06-03 14:57:50.315998 |
Video Station
An SQL injection vulnerability has been reported to affect Video Station. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands.
We have already fixed the vulnerability in the following version:
Video Station 5.8.4 and later
Published: 2025-10-03T18:08:19.010Z
Updated: 2025-10-03T18:35:12.788Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-14025 |
vulnerable | 2026-06-03 14:54:25.888245 |
Video Station
An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute unauthorized code or commands.
We have already fixed the vulnerability in the following version:
Video Station 5.8.2 and later
Published: 2026-03-11T08:02:09.214Z
Updated: 2026-03-11T13:52:24.375Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-14024 |
vulnerable | 2026-06-03 14:54:25.887056 |
Video Station
An improper certificate validation vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to compromise the security of the system.
We have already fixed the vulnerability in the following version:
Video Station 5.8.2 and later
Published: 2026-03-11T08:02:03.876Z
Updated: 2026-03-11T14:12:35.283Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-50360 |
vulnerable | 2026-06-03 14:53:30.958839 |
Video Station
HIGH (8.8)
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We have already fixed the vulnerability in the following version:
Video Station 5.8.1 ( 2024/02/26 ) and later
Published: 2024-09-06T16:26:55.405Z
Updated: 2024-09-06T17:46:27.496Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-47563 |
vulnerable | 2026-06-03 14:53:17.658192 |
Video Station
HIGH (7.4)
An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to execute commands via a network.
We have already fixed the vulnerability in the following version:
Video Station 5.8.2 and later
Published: 2024-09-06T16:26:50.074Z
Updated: 2024-09-06T17:47:03.791Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-41288 |
vulnerable | 2026-06-03 14:52:51.554931 |
Video Station
HIGH (8.8)
An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to execute commands via a network.
We have already fixed the vulnerability in the following version:
Video Station 5.7.2 ( 2023/11/23 ) and later
Published: 2024-01-05T16:19:10.920Z
Updated: 2025-04-17T18:12:26.469Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-41287 |
vulnerable | 2026-06-03 14:52:51.553609 |
Video Station
MEDIUM (4.3)
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to inject malicious code via a network.
We have already fixed the vulnerability in the following version:
Video Station 5.7.2 ( 2023/11/23 ) and later
Published: 2024-01-05T16:19:15.421Z
Updated: 2025-06-17T14:37:58.131Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-34977 |
vulnerable | 2026-06-03 14:52:17.492056 |
Video Station
MEDIUM (4.6)
A cross-site scripting (XSS) vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We have already fixed the vulnerability in the following version:
Video Station 5.7.0 ( 2023/07/27 ) and later
Published: 2023-10-13T19:17:26.921Z
Updated: 2024-09-16T19:42:13.359Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-34976 |
vulnerable | 2026-06-03 14:52:17.491562 |
Video Station
CRITICAL (10)
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We have already fixed the vulnerability in the following version:
Video Station 5.7.0 ( 2023/07/27 ) and later
Published: 2023-10-13T19:17:17.403Z
Updated: 2026-01-12T09:14:57.872Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44056 |
vulnerable | 2026-06-03 14:45:35.428967 |
Improper authentication in Video Station
HIGH (7.1)
An improper authentication vulnerability has been reported to affect QNAP device running Video Station. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of Video Station: Video Station 5.5.9 and later Video Station 5.3.13 and later Video Station 5.1.8 and later
Published: 2022-05-05T16:50:27.692Z
Updated: 2024-09-17T03:08:09.720Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44055 |
vulnerable | 2026-06-03 14:45:35.427815 |
Information leakage in Video Station
MEDIUM (5.3)
An missing authorization vulnerability has been reported to affect QNAP device running Video Station. If exploited, this vulnerability allows remote attackers to access data or perform actions that they should not be allowed to perform. We have already fixed this vulnerability in the following versions of Video Station: Video Station 5.5.9 ( 2022/02/16 ) and later
Published: 2022-05-05T16:50:26.331Z
Updated: 2024-09-17T00:06:46.037Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-28812 |
not_vulnerable | 2026-06-03 14:44:18.816410 |
Command Injection Vulnerability in Video Station
HIGH (8.8)
A command injection vulnerability has been reported to affect certain versions of Video Station. If exploited, this vulnerability allows remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Video Station versions prior to 5.5.4 on QTS 4.5.2; versions prior to 5.5.4 on QuTS hero h4.5.2; versions prior to 5.5.4 on QuTScloud c4.5.4. This issue does not affect: QNAP Systems Inc. Video Station on QTS 4.3.6; on QTS 4.3.3.
Published: 2021-06-03T02:45:14.642Z
Updated: 2024-09-16T20:11:39.918Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-28812 |
vulnerable | 2026-06-03 14:44:18.816362 |
Command Injection Vulnerability in Video Station
HIGH (8.8)
A command injection vulnerability has been reported to affect certain versions of Video Station. If exploited, this vulnerability allows remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Video Station versions prior to 5.5.4 on QTS 4.5.2; versions prior to 5.5.4 on QuTS hero h4.5.2; versions prior to 5.5.4 on QuTScloud c4.5.4. This issue does not affect: QNAP Systems Inc. Video Station on QTS 4.3.6; on QTS 4.3.3.
Published: 2021-06-03T02:45:14.642Z
Updated: 2024-09-16T20:11:39.918Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.