CVE-2018-19950

Description

If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11.

Affected products

• QNAP Systems Inc. / Music Stationunspecified – 5.1.13
• QNAP Systems Inc. / Music Stationunspecified – 5.2.9
• QNAP Systems Inc. / Music Stationunspecified – 5.3.11

References

• MISChttps://www.qnap.com/en/security-advisory/qsa-20-10