Unrated severityNVD Advisory· Published Mar 28, 2024· Updated Aug 1, 2025
CVE-2024-29237
CVE-2024-29237
Description
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in ActionRule.Delete webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to read database containing non-sensitive information and conduct limited denial-of-service attacks via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <9.2.0-11289
- Synology/Surveillance Stationv5Range: *
Patches
Vulnerability mechanics
References
1- www.synology.com/en-global/security/advisory/Synology_SA_24_04mitrevendor-advisory
News mentions
0No linked articles in our index yet.