CVE-2024-50395

High

An authorization bypass through user-controlled key vulnerability has been reported to affect Media Streaming add-on. If exploited, the…

qnap·CWE-639·Published 2024-11-22

CVSS

8.8

EPSS

0.01

KEV

Exploits

cve.orgen

329 chars

An authorization bypass through user-controlled key vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow local network attackers to gain privilege. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6 ( 2024/08/02 ) and later

NVDen

329 chars

NVDes

377 chars

Se ha informado de una vulnerabilidad de omisión de autorización mediante clave controlada por el usuario que afecta al complemento Media Streaming. Si se explota, la vulnerabilidad podría permitir a los atacantes de la red local obtener privilegios. Ya hemos corregido la vulnerabilidad en la siguiente versión: complemento Media Streaming 500.1.1.6 (2024/08/02) y posteriores

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
4.0	Primary	cve.org	6.9	—	—	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N