Out-of-Bounds Read Vulnerability in Media Streaming Add-on by QNAP
CVE-2024-56807

1.7LOW

Key Information:

Vendor: QNAP
Status: Media Streaming Add-on
Vendor: CVE Published:; 11 February 2026

What is CVE-2024-56807?

A serious out-of-bounds read vulnerability has been identified in the Media Streaming add-on. This issue allows attackers with access to the local network to exploit the vulnerability, potentially leading to the unauthorized exposure of sensitive data. QNAP has addressed this vulnerability in version 500.1.1.6 and subsequent releases, and users are strongly advised to update to these versions to mitigate any risks.

Affected Version(s)

Media Streaming add-on 500.1.x < 500.1.1.6 ( 2024/08/02 )

References

https://www.qnap.com/en/security-advisory/qsa-25-57

CVSS V4

Score:

1.7

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 11, 2026
Vulnerability Reserved
Dec 31, 2024

Credit

dcs

CVE-2024-56807 Data

JSON