DNS Server
by Synology
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-12074 | Med | 0.42 | 6.5 | 0.02 | Aug 24, 2017 | Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZoneConf in Synology DNS Server before 2.2.1-3042 allows remote authenticated attackers to write arbitrary files via the domain_name parameter. | ||
| CVE-2021-26894 | 0.01 | — | 0.07 | Mar 11, 2021 | Windows DNS Server Remote Code Execution Vulnerability | |||
| CVE-2024-26223 | 0.00 | — | 0.02 | Apr 9, 2024 | Windows DNS Server Remote Code Execution Vulnerability | |||
| CVE-2022-27615 | 0.00 | — | 0.01 | Jul 28, 2022 | Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology DNS Server before 2.2.2-5027 allows remote authenticated users to delete arbitrary files via unspecified vectors. |
- risk 0.42cvss 6.5epss 0.02
Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZoneConf in Synology DNS Server before 2.2.1-3042 allows remote authenticated attackers to write arbitrary files via the domain_name parameter.
- CVE-2021-26894Mar 11, 2021risk 0.01cvss —epss 0.07
Windows DNS Server Remote Code Execution Vulnerability
- CVE-2024-26223Apr 9, 2024risk 0.00cvss —epss 0.02
Windows DNS Server Remote Code Execution Vulnerability
- CVE-2022-27615Jul 28, 2022risk 0.00cvss —epss 0.01
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology DNS Server before 2.2.2-5027 allows remote authenticated users to delete arbitrary files via unspecified vectors.