Video Station
CVE-2023-34976

10CRITICAL

Key Information:

Vendor: QNAP
Status: Video Station
Vendor: CVE Published:; 13 October 2023

What is CVE-2023-34976?

A SQL injection vulnerability has been identified in QNAP's Video Station, enabling authenticated users to potentially inject malicious code through network interactions. This flaw could lead to unauthorized access to sensitive data and exploitation of the affected system. QNAP has addressed this issue in the release of Video Station version 5.7.0 on July 27, 2023, and users are strongly encouraged to upgrade to this version or later to mitigate risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Video Station 5.7.x < 5.7.0 ( 2023/07/27 )

References

https://www.qnap.com/en/security-advisory/qsa-23-52

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Oct 13, 2023
Vulnerability Reserved
Jun 8, 2023

Credit

Kaibro

JSON

QNAP

What is CVE-2023-34976?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.