CVE-2021-34362 - OpenCVE

A command injection vulnerability has been reported to affect QNAP device running Media Streaming add-on. If exploited, this vulnerability allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of Media Streaming add-on: QTS 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later QTS 4.5.4: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later QTS 4.3.6: Media Streaming add-on 430.1.8.12 ( 2021/08/20 ) and later QTS 4.3.3: Media Streaming add-on 430.1.8.12 ( 2021/09/29 ) and later QuTS-Hero 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Qnap	Media Streaming Add-on Qts Quts Hero

Configuration 1 [-]

AND

cpe:2.3:a:qnap:media_streaming_add-on:*:*:*:*:*:*:*:*

OR	cpe:2.3:o:qnap:qts:4.5.4:::::::*
	cpe:2.3:o:qnap:qts:5.0.0:::::::*

Configuration 2 [-]

AND

cpe:2.3:a:qnap:media_streaming_add-on:*:*:*:*:*:*:*:*

OR	cpe:2.3:o:qnap:qts:4.3.3:-::::::
	cpe:2.3:o:qnap:qts:4.3.6:-::::::

Configuration 3 [-]

AND

cpe:2.3:a:qnap:media_streaming_add-on:*:*:*:*:*:*:*:*

OR	cpe:2.3:o:qnap:quts_hero:h4.5.4:::::::*
	cpe:2.3:o:qnap:quts_hero:h5.0.0:::::::*

References

Link	Resource
https://www.qnap.com/en/security-advisory/qsa-21-44	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: qnap

Published: 2021-10-21T00:00:00

Updated: 2021-10-22T04:25:09

Reserved: 2021-06-08T00:00:00

Link: CVE-2021-34362

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-10-22T05:15:41.773

Modified: 2022-04-25T17:27:12.550

Link: CVE-2021-34362

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"platforms": ["QuTS-Hero 5.0.0"], "product": "Media Streaming add-on", "vendor": "QNAP Systems Inc.", "versions": [{"lessThan": "500.0.0.3 ( 2021/08/20 )", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"platforms": ["QTS 5.0.0"], "product": "Media Streaming add-on", "vendor": "QNAP Systems Inc.", "versions": [{"lessThan": "500.0.0.3 ( 2021/08/20 )", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"platforms": ["QTS 4.5.4"], "product": "Media Streaming add-on", "vendor": "QNAP Systems Inc.", "versions": [{"lessThan": "500.0.0.3 ( 2021/08/20 )", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"platforms": ["QTS 4.3.6"], "product": "Media Streaming add-on", "vendor": "QNAP Systems Inc.", "versions": [{"lessThan": "430.1.8.12 ( 2021/08/20 )", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"platforms": ["QTS 4.3.3"], "product": "Media Streaming add-on", "vendor": "QNAP Systems Inc.", "versions": [{"lessThan": "430.1.8.12 ( 2021/09/29 )", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Tony Martin, a security researcher"}], "datePublic": "2021-10-21T00:00:00", "descriptions": [{"lang": "en", "value": "A command injection vulnerability has been reported to affect QNAP device running Media Streaming add-on. If exploited, this vulnerability allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of Media Streaming add-on: QTS 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later QTS 4.5.4: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later QTS 4.3.6: Media Streaming add-on 430.1.8.12 ( 2021/08/20 ) and later QTS 4.3.3: Media Streaming add-on 430.1.8.12 ( 2021/09/29 ) and later QuTS-Hero 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-10-22T04:25:09", "orgId": "2fd009eb-170a-4625-932b-17a53af1051f", "shortName": "qnap"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.qnap.com/en/security-advisory/qsa-21-44"}], "solutions": [{"lang": "en", "value": "We have already fixed this vulnerability in the following versions of Media Streaming add-on:\nQTS 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later\nQTS 4.5.4: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later\nQTS 4.3.6: Media Streaming add-on 430.1.8.12 ( 2021/08/20 ) and later\nQTS 4.3.3: Media Streaming add-on 430.1.8.12 ( 2021/09/29 ) and later\nQuTS-Hero 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later\n"}], "source": {"advisory": "QSA-21-44", "discovery": "EXTERNAL"}, "title": "Command Injection Vulnerability in Media Streaming Add-on", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@qnap.com", "DATE_PUBLIC": "2021-10-21T17:29:00.000Z", "ID": "CVE-2021-34362", "STATE": "PUBLIC", "TITLE": "Command Injection Vulnerability in Media Streaming Add-on"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Media Streaming add-on", "version": {"version_data": [{"platform": "QuTS-Hero 5.0.0", "version_affected": "<", "version_value": "500.0.0.3 ( 2021/08/20 )"}, {"platform": "QTS 5.0.0", "version_affected": "<", "version_value": "500.0.0.3 ( 2021/08/20 )"}, {"platform": "QTS 4.5.4", "version_affected": "<", "version_value": "500.0.0.3 ( 2021/08/20 )"}, {"platform": "QTS 4.3.6", "version_affected": "<", "version_value": "430.1.8.12 ( 2021/08/20 )"}, {"platform": "QTS 4.3.3", "version_affected": "<", "version_value": "430.1.8.12 ( 2021/09/29 )"}]}}]}, "vendor_name": "QNAP Systems Inc."}]}}, "credit": [{"lang": "eng", "value": "Tony Martin, a security researcher"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A command injection vulnerability has been reported to affect QNAP device running Media Streaming add-on. If exploited, this vulnerability allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of Media Streaming add-on: QTS 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later QTS 4.5.4: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later QTS 4.3.6: Media Streaming add-on 430.1.8.12 ( 2021/08/20 ) and later QTS 4.3.3: Media Streaming add-on 430.1.8.12 ( 2021/09/29 ) and later QuTS-Hero 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later"}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-78"}]}]}, "references": {"reference_data": [{"name": "https://www.qnap.com/en/security-advisory/qsa-21-44", "refsource": "MISC", "url": "https://www.qnap.com/en/security-advisory/qsa-21-44"}]}, "solution": [{"lang": "en", "value": "We have already fixed this vulnerability in the following versions of Media Streaming add-on:\nQTS 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later\nQTS 4.5.4: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later\nQTS 4.3.6: Media Streaming add-on 430.1.8.12 ( 2021/08/20 ) and later\nQTS 4.3.3: Media Streaming add-on 430.1.8.12 ( 2021/09/29 ) and later\nQuTS-Hero 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later\n"}], "source": {"advisory": "QSA-21-44", "discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f", "assignerShortName": "qnap", "cveId": "CVE-2021-34362", "datePublished": "2021-10-21T00:00:00", "dateReserved": "2021-06-08T00:00:00", "dateUpdated": "2021-10-22T04:25:09", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:qnap:media_streaming_add-on:*:*:*:*:*:*:*:*", "matchCriteriaId": "29C69F02-28F2-4BCB-A59A-29AB0D7B78B2", "versionEndExcluding": "500.0.0.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:qnap:qts:4.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "4614DB45-E510-42A3-B254-DB8C4A99E907", "vulnerable": false}, {"criteria": "cpe:2.3:o:qnap:qts:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DC98874F-5D92-481D-B4E2-EC548727719C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:qnap:media_streaming_add-on:*:*:*:*:*:*:*:*", "matchCriteriaId": "48B0CECE-282E-41F0-B50E-0DC182D6A872", "versionEndExcluding": "430.1.8.12", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:qnap:qts:4.3.3:-:*:*:*:*:*:*", "matchCriteriaId": "B16E7153-5F0F-489A-AA34-4A74CB04225B", "vulnerable": false}, {"criteria": "cpe:2.3:o:qnap:qts:4.3.6:-:*:*:*:*:*:*", "matchCriteriaId": "A0E214BD-DC96-4B53-9BE7-8DD8F79B4542", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:qnap:media_streaming_add-on:*:*:*:*:*:*:*:*", "matchCriteriaId": "29C69F02-28F2-4BCB-A59A-29AB0D7B78B2", "versionEndExcluding": "500.0.0.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:qnap:quts_hero:h4.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "73A514A9-AF79-4CCB-8DFD-347FF487B47A", "vulnerable": false}, {"criteria": "cpe:2.3:o:qnap:quts_hero:h5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "79F492BF-8B5C-4C3A-9F00-D3304BFED992", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A command injection vulnerability has been reported to affect QNAP device running Media Streaming add-on. If exploited, this vulnerability allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of Media Streaming add-on: QTS 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later QTS 4.5.4: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later QTS 4.3.6: Media Streaming add-on 430.1.8.12 ( 2021/08/20 ) and later QTS 4.3.3: Media Streaming add-on 430.1.8.12 ( 2021/09/29 ) and later QuTS-Hero 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later"}, {"lang": "es", "value": "Se ha informado de una vulnerabilidad de inyecci\u00f3n de comandos que afecta al dispositivo QNAP que ejecuta el complemento Media Streaming. Si es explotado, esta vulnerabilidad permite a atacantes remotos ejecutar comandos arbitrarios. Ya hemos corregido esta vulnerabilidad en las siguientes versiones del complemento Media Streaming: QTS 5.0.0: Media Streaming add-on 500.0.0.3 (20/08/2021) y posteriores QTS 4.5.4: Media Streaming add-on 500.0.0.3 (20/08/2021) y posteriores QTS 4.3.6: Media Streaming add-on 430.1.8.12 (20/08/2021) y posteriores QTS 4.3.3: Media Streaming add-on 430.1.8.12 (29/09/2021) y posteriores QuTS-Hero 5.0.0: Media Streaming add-on 500.0.0.3 (20/08/2021) y posteriores"}], "id": "CVE-2021-34362", "lastModified": "2022-04-25T17:27:12.550", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 5.8, "source": "security@qnapsecurity.com.tw", "type": "Secondary"}]}, "published": "2021-10-22T05:15:41.773", "references": [{"source": "security@qnapsecurity.com.tw", "tags": ["Vendor Advisory"], "url": "https://www.qnap.com/en/security-advisory/qsa-21-44"}], "sourceIdentifier": "security@qnapsecurity.com.tw", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "security@qnapsecurity.com.tw", "type": "Secondary"}]}