Authentication Bypass Vulnerability in QNAP NAS Media Streaming Add-on

Authentication Bypass Vulnerability in QNAP NAS Media Streaming Add-on

CVE-2017-7638 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier does not authenticate requests properly. Successful exploitation could lead to change of the Media Streaming settings, and leakage of sensitive information of the QNAP NAS.

Learn more about our Web Application Penetration Testing UK.