安全ID : NAS-201909-26
Security Advisory for Vulnerability in Music Station
发布日期 : September 27, 2019
通用漏洞披露 : CVE-2019-7188
受影响产品: All QNAP NAS running Music Station
严重程度
Moderate
状态
已解决
Summary
A reported vulnerability may affect Music Station. If exploited, the vulnerability may allow an attacker to inject arbitrary code into the system.
We have already fixed this issue in the following QTS versions:
- QTS 4.3.3: Music Station 5.1.10 and later
- QTS 4.3.4: Music Station 5.1.10 and later
- QTS 4.3.6: Music Station 5.2.7 and later
- QTS 4.4.1: Music Station 5.3.4 and later
Recommendation
To fix the vulnerability, we recommend updating the Music Station to the latest version.
Updating Music Station
- Log on to QTS as an administrator.
- Open the App Center, and then click
.
A search box appears. - Type “Music Station”, and then press ENTER.
The Music Station application appears in the search results list. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your Music Station is already up to date. - Click OK.
The application is updated.
致谢: CyCarrier CSIRT
修订历史: V1.0 (September 27, 2019) - Published
