Unrated severityNVD Advisory· Published Mar 19, 2025· Updated Mar 28, 2025
CVE-2024-50629
CVE-2024-50629
Description
Improper encoding or escaping of output vulnerability in the webapi component in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allow remote attackers to read limited files via unspecified vectors.
Affected products
4- Range: before 7.1.1-42962-7, before 7.2-64570-4, before 7.2.1-69057-6, before 7.2.2-72806-1
- Range: <1.1-65374
- Synology/BeeStation OS (BSM)v5Range: 1.1
- Synology/DiskStation Manager (DSM)v5Range: 7.2.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.synology.com/en-global/security/advisory/Synology_SA_24_20mitrevendor-advisory
- www.synology.com/en-global/security/advisory/Synology_SA_24_23mitrevendor-advisory
News mentions
0No linked articles in our index yet.