Medium severity6.1NVD Advisory· Published May 27, 2026· Updated Jun 2, 2026
CVE-2025-66592
CVE-2025-66592
Description
An origin validation error vulnerability in Synology Active Backup for Business Agent before 3.1.0-4967 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:synology:active_backup_for_business_agent:*:*:*:*:*:*:*:*Range: <3.1.0-4967
- Range: <3.1.0-4967
Patches
Vulnerability mechanics
References
1- www.synology.com/en-global/security/advisory/Synology_SA_25_16nvdVendor Advisory
News mentions
1- Synology: 10 CVEs Disclosed Across NAS, BeeStation, and Backup ProductsVypr Intelligence · May 27, 2026