{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T18:40:43.176","vulnerabilities":[{"cve":{"id":"CVE-2024-14024","sourceIdentifier":"security@qnapsecurity.com.tw","published":"2026-03-11T08:16:01.633","lastModified":"2026-03-13T13:06:17.493","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An improper certificate validation vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to compromise the security of the system.\n\nWe have already fixed the vulnerability in the following version:\nVideo Station 5.8.2 and later"},{"lang":"es","value":"Se ha reportado una vulnerabilidad de validación de certificado incorrecta que afecta a Video Station. Si un atacante obtiene acceso a la red local y también ha obtenido una cuenta de administrador, puede entonces explotar la vulnerabilidad para comprometer la seguridad del sistema.\n\nYa hemos corregido la vulnerabilidad en la siguiente versión:\nVideo Station 5.8.2 y posteriores"}],"metrics":{"cvssMetricV40":[{"source":"security@qnapsecurity.com.tw","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:P/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":0.1,"baseSeverity":"LOW","attackVector":"PHYSICAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"LOW","subAvailabilityImpact":"LOW","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}]},"weaknesses":[{"source":"security@qnapsecurity.com.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:qnap:video_station:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndExcluding":"5.8.2","matchCriteriaId":"2552122C-93E4-471B-A5BE-D3B931836217"}]}]}],"references":[{"url":"https://www.qnap.com/en/security-advisory/qsa-24-24","source":"security@qnapsecurity.com.tw","tags":["Vendor Advisory"]}]}}]}