CVE-2018-0729

This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. To fix the vulnerability, QNAP recommend updating Music Station to their latest versions.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*
cpe:2.3:o:qnap:qts:4.4.1:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*
cpe:2.3:o:qnap:qts:4.3.6:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*
cpe:2.3:o:qnap:qts:4.3.4:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*
cpe:2.3:o:qnap:qts:4.3.3:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*
cpe:2.3:o:qnap:qts:4.2.6:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-12-04 17:16

Updated : 2024-02-04 20:39


NVD link : CVE-2018-0729

Mitre link : CVE-2018-0729

CVE.ORG link : CVE-2018-0729


JSON object : View

Products Affected

qnap

  • qts
  • music_station
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')