QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to run arbitrary OS commands against the system with root privileges.
[
{
"product": "QNAP Media Streaming Add-On",
"vendor": "QNAP",
"versions": [
{
"status": "affected",
"version": "421.1.0.2, 430.1.2.0, and earlier"
}
]
}
]