CVE-2024-14024

An improper certificate validation vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: Video Station 5.8.2 and later
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:qnap:video_station:*:*:*:*:*:*:*:*

History

17 Jun 2026, 07:03

Type Values Removed Values Added
Summary
  • (es) Se ha reportado una vulnerabilidad de validación de certificado incorrecta que afecta a Video Station. Si un atacante obtiene acceso a la red local y también ha obtenido una cuenta de administrador, puede entonces explotar la vulnerabilidad para comprometer la seguridad del sistema. Ya hemos corregido la vulnerabilidad en la siguiente versión: Video Station 5.8.2 y posteriores

13 Mar 2026, 13:06

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.7
References () https://www.qnap.com/en/security-advisory/qsa-24-24 - () https://www.qnap.com/en/security-advisory/qsa-24-24 - Vendor Advisory
First Time Qnap video Station
Qnap
CPE cpe:2.3:a:qnap:video_station:*:*:*:*:*:*:*:*

11 Mar 2026, 09:16

Type Values Removed Values Added
References
  • {'url': 'https://www.qnap.com/en/security-advisory/qsa-24-56', 'source': 'security@qnapsecurity.com.tw'}
  • () https://www.qnap.com/en/security-advisory/qsa-24-24 -

11 Mar 2026, 08:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-03-11 08:16

Updated : 2026-06-17 07:03


NVD link : CVE-2024-14024

Mitre link : CVE-2024-14024

CVE.ORG link : CVE-2024-14024


JSON object : View

Products Affected

qnap

  • video_station
CWE
CWE-295

Improper Certificate Validation