Security ID : QSA-24-47
Vulnerability in Media Streaming Add-on
Release date : November 23, 2024
CVE identifier : CVE-2024-50395
Affected products: Media Streaming Add-on 500.1.x
Severity
Moderate
Status
Resolved
Summary
An authorization bypass through user-controlled key vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow attackers with local network access to gain unintended privileges.
We have already fixed the vulnerability in the following version:
| Affected Product | Fixed Version |
| Media Streaming Add-on 500.1.x | Media Streaming Add-on 500.1.1.6 (2024/08/02) and later |
Recommendation
To fix the vulnerability, we recommend updating Media Streaming Add-on to the latest version.
Updating Media Streaming Add-on
- Log on to QTS or QuTS hero as an administrator.
- Open App Center and then click
.
A search box appears. - Type "Media Streaming Add-on" and then press ENTER.
Media Streaming Add-on appears in the search results. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your Media Streaming Add-on is already up to date. - Click OK.
The application is updated.
Attachment
Acknowledgements: Dohwan KIM (neko_hat from TeamH4C)
Revision History:
V1.0 (November 23, 2024) - Published
