This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. To fix the vulnerability, QNAP recommend updating Music Station to their latest versions.
[
{
"product": "QNAP NAS devices",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "QTS 4.4.1: Music Station before version 5.3.5, QTS 4.3.6: Music Station before version 5.2.7, QTS 4.3.4: Music Station before version 5.1.11, QTS 4.3.3: Music Station before version 5.1.11, QTS 4.2.6: Music Station before version 4.8.8"
}
]
}
]