CVE-2023-47222

CWE-22Path TraversalCWE-200Information ExposureCWE-287Improper Authentication3 documents3 sources
Severity
9.8CRITICAL
EPSS
0.4%
top 41.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Qnap Systems Inc. Media Streaming Add-onQnap Media Streaming Add-on
Timeline
PublishedApr 26

Description

An exposure of sensitive information vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.5 ( 2024/01/22 ) and later

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:HExploitability: 2.8 | Impact: 6.0

Affected Packages2 packages

CVEListV5qnap_systems_inc./media_streaming_add-on500.1.x500.1.1.5 ( 2024/01/22 )
NVDqnap/media_streaming_add-on500.1.1.0500.1.1.5

🔴Vulnerability Details

2
GHSA
GHSA-7mfg-57xp-v6gq: An exposure of sensitive information vulnerability has been reported to affect Media Streaming add-on2024-04-26
CVEList
Media Streaming add-on2024-04-26
CVE-2023-47222 (CRITICAL CVSS 9.8) | An exposure of sensitive informatio | cvebase.io