Authorization Bypass Vulnerability in Media Streaming Add-on by QNAP
CVE-2024-50395

Currently unrated

Key Information:

Vendor: QNAP
Status: Media Streaming add-on
Vendor: CVE Published:; 22 November 2024

What is CVE-2024-50395?

A user-controlled key vulnerability has been discovered in the Media Streaming add-on, enabling local network attackers to bypass authorization mechanisms. Successful exploitation may lead to unauthorized privilege escalation, allowing attackers to gain access to restricted functionality. QNAP has addressed this issue in version 500.1.1.6, released on August 2, 2024, and strongly advises users to upgrade to prevent potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.qnap.com/en/security-advisory/qsa-24-47

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 22, 2024

JSON

QNAP

What is CVE-2024-50395?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

EPSS Score

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.