CVE-2023-45038

MEDIUM EXPLOITED NUCLEI

Qnap Music Station < 5.4.0 - Authentication Bypass

Title source: rule

Description

An improper authentication vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following version: Music Station 5.4.0 and later

Nuclei Templates (1)

QNAP Music Station < 5.4.0 - Authentication Bypass

MEDIUMVERIFIEDby daffainfo

Shodan: http.title:"qnap"

FOFA: title="qnap"

References (1)

[Vendor Advisory] https://www.qnap.com/en/security-advisory/qsa-24-25

Scores

CVSS v3 4.3

EPSS 0.0854

EPSS Percentile 92.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Details

VulnCheck KEV 2025-08-16

CWE

CWE-287

Status published

Products (1)

qnap/music_station 5.0.0 - 5.4.0

Published Sep 06, 2024

Tracked Since Feb 18, 2026