Vendor CVEs
Synology
All CVEs
319 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-14491 | Cri | 0.73 | 9.8 | 0.85 | Oct 4, 2017 | Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. | ||
| CVE-2017-11151 | Cri | 0.69 | 9.8 | 0.25 | Aug 8, 2017 | A vulnerability in synotheme_upload.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to upload arbitrary files without authentication via the logo_upload action. | ||
| CVE-2017-11153 | Cri | 0.68 | 9.8 | 0.19 | Aug 8, 2017 | Deserialization vulnerability in synophoto_csPhotoMisc.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to gain administrator privileges via a crafted serialized payload. | ||
| CVE-2016-10329 | Cri | 0.67 | 9.8 | 0.40 | May 12, 2017 | Command injection vulnerability in login.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to execute arbitrary code via shell metacharacters in the crafted 'X-Forwarded-For' header. | ||
| CVE-2017-15889 | Hig | 0.66 | 8.8 | 0.72 | Dec 4, 2017 | Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) before 5.2-5967-5 allows remote authenticated users to execute arbitrary commands via disk field. | ||
| CVE-2025-12686 | Cri | 0.64 | 9.8 | 0.03 | May 27, 2026 | Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in AdminCenter in Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary code via unspecified vectors. | ||
| CVE-2016-6554 | Cri | 0.64 | 9.8 | 0.04 | Jul 13, 2018 | Synology NAS servers DS107, firmware version 3.1-1639 and prior, and DS116, DS213, firmware versions prior to 5.2-5644-1, use non-random default credentials of: guest:(blank) and admin:(blank) . A remote network attacker can gain privileged access to a vulnerable device. | ||
| CVE-2017-15887 | Cri | 0.64 | 9.8 | 0.02 | Nov 7, 2017 | An improper restriction of excessive authentication attempts vulnerability in /principals in Synology CardDAV Server before 6.0.7-0085 allows remote attackers to obtain user credentials via a brute-force attack. | ||
| CVE-2017-11161 | Cri | 0.64 | 9.8 | 0.01 | Sep 8, 2017 | Multiple SQL injection vulnerabilities in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to label.php; or (2) type parameter to synotheme.php. | ||
| CVE-2018-8926 | Hig | 0.57 | 8.8 | 0.02 | Jun 8, 2018 | Permissive regular expression vulnerability in synophoto_dsm_user in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote authenticated users to conduct privilege escalation attacks via the fullname parameter. | ||
| CVE-2018-8925 | Hig | 0.57 | 8.8 | 0.01 | Jun 8, 2018 | Cross-site request forgery (CSRF) vulnerability in admin/user.php in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote attackers to hijack the authentication of administrators via the (1) username, (2) password, (3) admin, (4) action, (5) uid, or (6)… | ||
| CVE-2017-16772 | Hig | 0.57 | 8.8 | 0.03 | Mar 22, 2018 | Improper input validation vulnerability in SYNOPHOTO_Flickr_MultiUpload in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote authenticated users to execute arbitrary codes via the prog_id parameter. | ||
| CVE-2016-10322 | Hig | 0.57 | 8.8 | 0.02 | Apr 10, 2017 | Synology Photo Station before 6.3-2958 allows remote authenticated guest users to execute arbitrary commands via shell metacharacters in the X-Forwarded-For HTTP header to photo/login.php. | ||
| CVE-2025-30028 | Hig | 0.56 | 8.6 | 0.00 | May 27, 2026 | A vulnerability in Active Backup for Business allows unauthorized remote attackers to read arbitrary files. | ||
| CVE-2017-11155 | Hig | 0.55 | 7.5 | 0.45 | Aug 8, 2017 | An information exposure vulnerability in index.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to obtain sensitive system information via unspecified vectors. | ||
| CVE-2025-13392 | Hig | 0.53 | 8.1 | 0.01 | May 27, 2026 | Improper check for unusual or exceptional conditions vulnerability in SSO in Synology DiskStation Manager (DSM) before 7.2.2-72806-5 and 7.3.1-86003-1 (7.2.1-69057 is not affected) allows remote attackers to bypass authentication with prior knowledge of the distinguished name… | ||
| CVE-2021-47961 | Hig | 0.53 | 8.1 | 0.00 | Apr 10, 2026 | A plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access or influence the user's PIN code due to insecure storage. This may lead to unauthorized VPN configuration and potential interception of subsequent VPN… | ||
| CVE-2017-11152 | Hig | 0.53 | 7.5 | 0.14 | Aug 8, 2017 | Directory traversal vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to write arbitrary files via the path parameter. | ||
| CVE-2022-49042 | Hig | 0.51 | 7.8 | 0.00 | Jun 3, 2026 | An inclusion of functionality from untrusted control sphere vulnerability in MinGW DLL component in Synology Hyper Backup Explorer before 3.0.1-0156 allows local users to execute arbitrary code via unspecified vectors. | ||
| CVE-2022-49036 | Hig | 0.51 | 7.8 | 0.00 | Jun 3, 2026 | An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.0-2081 allows local users to execute arbitrary code via unspecified vectors. | ||
| CVE-2023-52945 | Hig | 0.51 | 7.8 | 0.00 | May 27, 2026 | Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to execute arbitrary code via unspecified vectors. | ||
| CVE-2017-11158 | Hig | 0.51 | 7.8 | 0.00 | Aug 31, 2017 | Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or… | ||
| CVE-2017-11157 | Hig | 0.51 | 7.8 | 0.00 | Aug 30, 2017 | Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Backup before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll… | ||
| CVE-2017-11159 | Hig | 0.51 | 7.8 | 0.00 | Aug 23, 2017 | Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader before 1.4.2-084 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or… | ||
| CVE-2017-11160 | Hig | 0.51 | 7.8 | 0.00 | Aug 18, 2017 | Multiple untrusted search path vulnerabilities in installer in Synology Assistant before 6.1-15163 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll… | ||
| CVE-2017-11156 | Hig | 0.51 | 7.8 | 0.02 | Aug 14, 2017 | Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 uses weak permissions (0777) for ui/dlm/btsearch directory, which allows remote authenticated users to execute arbitrary code by uploading an executable via unspecified vectors. | ||
| CVE-2017-11150 | Hig | 0.51 | 7.8 | 0.02 | Aug 14, 2017 | Command injection vulnerability in Document.php in Synology Office 2.2.0-1502 and 2.2.1-1506 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the crafted file name of RTF documents. | ||
| CVE-2017-11154 | Hig | 0.51 | 7.2 | 0.14 | Aug 8, 2017 | Unrestricted file upload vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to create arbitrary PHP scripts via the type parameter. | ||
| CVE-2017-9552 | Hig | 0.51 | 7.8 | 0.00 | Jun 13, 2017 | A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline. Synology Photo Station employs the synophoto_dsm_user program to authenticate username and password by "synophoto_dsm_user --auth USERNAME… | ||
| CVE-2016-10323 | Hig | 0.51 | 7.8 | 0.01 | Apr 10, 2017 | Synology Photo Station before 6.3-2958 allows local users to gain privileges by leveraging setuid execution of a "synophoto_dsm_user --copy-no-ea" command. | ||
| CVE-2025-14713 | Hig | 0.49 | 7.5 | 0.00 | May 27, 2026 | An Exposed Dangerous Method or Function vulnerability in Synology C2 Identity Edge Server package in DSM before 1.76.0-0307 allows remote attackers to obtain user credentials from the edge server. | ||
| CVE-2017-12079 | Hig | 0.49 | 7.5 | 0.02 | Dec 4, 2017 | Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain arbitrary files via prog_id field. | ||
| CVE-2017-9553 | Hig | 0.49 | 7.5 | 0.01 | Jul 24, 2017 | A design flaw in SYNO.API.Encryption in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter. | ||
| CVE-2016-10331 | Hig | 0.49 | 7.5 | 0.02 | May 12, 2017 | Directory traversal vulnerability in download.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to read arbitrary files via a full pathname in the id parameter. | ||
| CVE-2018-13280 | Hig | 0.48 | 7.4 | 0.01 | Jul 30, 2018 | Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) before 6.2-23739 allows man-in-the-middle attackers to compromise non-HTTPS sessions via unspecified vectors. | ||
| CVE-2018-8929 | Hig | 0.48 | 7.3 | 0.01 | Jul 6, 2018 | Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology SSL VPN Client before 1.2.4-0224 allows remote attackers to conduct man-in-the-middle attacks via a crafted payload. | ||
| CVE-2018-8914 | Hig | 0.48 | 7.3 | 0.01 | May 10, 2018 | SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-2654 allows remote attackers to execute arbitrary SQL commands via the ObjectID parameter. | ||
| CVE-2017-12078 | Hig | 0.47 | 7.2 | 0.02 | Jun 8, 2018 | Command injection vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931 allows remote authenticated users to execute arbitrary command via the username parameter. | ||
| CVE-2017-12075 | Hig | 0.47 | 7.2 | 0.02 | Jun 8, 2018 | Command injection vulnerability in EZ-Internet in Synology DiskStation Manager (DSM) before 6.2-23739 allows remote authenticated users to execute arbitrary command via the username parameter. | ||
| CVE-2025-22484 | Hig | 0.46 | — | 0.00 | Jun 6, 2025 | An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type… | ||
| CVE-2016-10330 | Hig | 0.46 | 7.1 | 0.01 | May 12, 2017 | Directory traversal vulnerability in synophoto_dsm_user, a SUID program, as used in Synology Photo Station before 6.5.3-3226 allows local users to write to arbitrary files via unspecified vectors. | ||
| CVE-2024-11399 | Med | 0.44 | 6.8 | 0.00 | May 27, 2026 | Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks via unspecified vectors. | ||
| CVE-2026-3091 | Med | 0.44 | 6.7 | 0.00 | Feb 24, 2026 | An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672 allows local users to read or write arbitrary files and conduct denial-of-service during installation by placing a malicious DLL in advance in the same directory as the installer. | ||
| CVE-2017-9554 | Med | 0.43 | 5.3 | 0.75 | Jul 24, 2017 | An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to enumerate valid usernames via unspecified vectors. | ||
| CVE-2021-47960 | Med | 0.42 | 6.5 | 0.00 | Apr 10, 2026 | A files or directories accessible to external parties vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access files within the installation directory via a local HTTP server bound to the loopback interface. By leveraging user interaction with… | ||
| CVE-2018-8928 | Med | 0.42 | 6.5 | 0.01 | Jul 5, 2018 | Cross-site scripting (XSS) vulnerability in Address Book Editor in Synology CardDAV Server before 6.0.8-0086 allows remote authenticated users to inject arbitrary web script or HTML via the (1) family_name, (2) given_name, or (3) additional_name parameter. | ||
| CVE-2017-16773 | Med | 0.42 | 6.5 | 0.01 | Jul 5, 2018 | Improper authorization vulnerability in Highlight Preview in Synology Universal Search before 1.0.5-0135 allows remote authenticated users to bypass permission checks for directories in POSIX mode. | ||
| CVE-2018-8924 | Med | 0.42 | 6.5 | 0.01 | Jun 5, 2018 | Cross-site scripting (XSS) vulnerability in Title Tootip in Synology Office before 3.0.3-2143 allows remote authenticated users to inject arbitrary web script or HTML via the malicious file name. | ||
| CVE-2018-8923 | Med | 0.42 | 6.5 | 0.01 | Jun 5, 2018 | Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology File Station before 1.1.4-0122 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments. | ||
| CVE-2018-8922 | Med | 0.42 | 6.5 | 0.01 | Jun 1, 2018 | Improper access control vulnerability in Synology Drive before 1.0.2-10275 allows remote authenticated users to access non-shared files or folders via unspecified vectors. |
- risk 0.73cvss 9.8epss 0.85
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
- risk 0.69cvss 9.8epss 0.25
A vulnerability in synotheme_upload.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to upload arbitrary files without authentication via the logo_upload action.
- risk 0.68cvss 9.8epss 0.19
Deserialization vulnerability in synophoto_csPhotoMisc.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to gain administrator privileges via a crafted serialized payload.
- risk 0.67cvss 9.8epss 0.40
Command injection vulnerability in login.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to execute arbitrary code via shell metacharacters in the crafted 'X-Forwarded-For' header.
- risk 0.66cvss 8.8epss 0.72
Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) before 5.2-5967-5 allows remote authenticated users to execute arbitrary commands via disk field.
- risk 0.64cvss 9.8epss 0.03
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in AdminCenter in Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary code via unspecified vectors.
- risk 0.64cvss 9.8epss 0.04
Synology NAS servers DS107, firmware version 3.1-1639 and prior, and DS116, DS213, firmware versions prior to 5.2-5644-1, use non-random default credentials of: guest:(blank) and admin:(blank) . A remote network attacker can gain privileged access to a vulnerable device.
- risk 0.64cvss 9.8epss 0.02
An improper restriction of excessive authentication attempts vulnerability in /principals in Synology CardDAV Server before 6.0.7-0085 allows remote attackers to obtain user credentials via a brute-force attack.
- risk 0.64cvss 9.8epss 0.01
Multiple SQL injection vulnerabilities in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to label.php; or (2) type parameter to synotheme.php.
- risk 0.57cvss 8.8epss 0.02
Permissive regular expression vulnerability in synophoto_dsm_user in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote authenticated users to conduct privilege escalation attacks via the fullname parameter.
- risk 0.57cvss 8.8epss 0.01
Cross-site request forgery (CSRF) vulnerability in admin/user.php in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote attackers to hijack the authentication of administrators via the (1) username, (2) password, (3) admin, (4) action, (5) uid, or (6)…
- risk 0.57cvss 8.8epss 0.03
Improper input validation vulnerability in SYNOPHOTO_Flickr_MultiUpload in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote authenticated users to execute arbitrary codes via the prog_id parameter.
- risk 0.57cvss 8.8epss 0.02
Synology Photo Station before 6.3-2958 allows remote authenticated guest users to execute arbitrary commands via shell metacharacters in the X-Forwarded-For HTTP header to photo/login.php.
- risk 0.56cvss 8.6epss 0.00
A vulnerability in Active Backup for Business allows unauthorized remote attackers to read arbitrary files.
- risk 0.55cvss 7.5epss 0.45
An information exposure vulnerability in index.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to obtain sensitive system information via unspecified vectors.
- risk 0.53cvss 8.1epss 0.01
Improper check for unusual or exceptional conditions vulnerability in SSO in Synology DiskStation Manager (DSM) before 7.2.2-72806-5 and 7.3.1-86003-1 (7.2.1-69057 is not affected) allows remote attackers to bypass authentication with prior knowledge of the distinguished name…
- risk 0.53cvss 8.1epss 0.00
A plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access or influence the user's PIN code due to insecure storage. This may lead to unauthorized VPN configuration and potential interception of subsequent VPN…
- risk 0.53cvss 7.5epss 0.14
Directory traversal vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to write arbitrary files via the path parameter.
- risk 0.51cvss 7.8epss 0.00
An inclusion of functionality from untrusted control sphere vulnerability in MinGW DLL component in Synology Hyper Backup Explorer before 3.0.1-0156 allows local users to execute arbitrary code via unspecified vectors.
- risk 0.51cvss 7.8epss 0.00
An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.0-2081 allows local users to execute arbitrary code via unspecified vectors.
- risk 0.51cvss 7.8epss 0.00
Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to execute arbitrary code via unspecified vectors.
- risk 0.51cvss 7.8epss 0.00
Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or…
- risk 0.51cvss 7.8epss 0.00
Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Backup before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll…
- risk 0.51cvss 7.8epss 0.00
Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader before 1.4.2-084 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or…
- risk 0.51cvss 7.8epss 0.00
Multiple untrusted search path vulnerabilities in installer in Synology Assistant before 6.1-15163 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll…
- risk 0.51cvss 7.8epss 0.02
Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 uses weak permissions (0777) for ui/dlm/btsearch directory, which allows remote authenticated users to execute arbitrary code by uploading an executable via unspecified vectors.
- risk 0.51cvss 7.8epss 0.02
Command injection vulnerability in Document.php in Synology Office 2.2.0-1502 and 2.2.1-1506 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the crafted file name of RTF documents.
- risk 0.51cvss 7.2epss 0.14
Unrestricted file upload vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to create arbitrary PHP scripts via the type parameter.
- risk 0.51cvss 7.8epss 0.00
A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline. Synology Photo Station employs the synophoto_dsm_user program to authenticate username and password by "synophoto_dsm_user --auth USERNAME…
- risk 0.51cvss 7.8epss 0.01
Synology Photo Station before 6.3-2958 allows local users to gain privileges by leveraging setuid execution of a "synophoto_dsm_user --copy-no-ea" command.
- risk 0.49cvss 7.5epss 0.00
An Exposed Dangerous Method or Function vulnerability in Synology C2 Identity Edge Server package in DSM before 1.76.0-0307 allows remote attackers to obtain user credentials from the edge server.
- risk 0.49cvss 7.5epss 0.02
Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain arbitrary files via prog_id field.
- risk 0.49cvss 7.5epss 0.01
A design flaw in SYNO.API.Encryption in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter.
- risk 0.49cvss 7.5epss 0.02
Directory traversal vulnerability in download.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to read arbitrary files via a full pathname in the id parameter.
- risk 0.48cvss 7.4epss 0.01
Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) before 6.2-23739 allows man-in-the-middle attackers to compromise non-HTTPS sessions via unspecified vectors.
- risk 0.48cvss 7.3epss 0.01
Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology SSL VPN Client before 1.2.4-0224 allows remote attackers to conduct man-in-the-middle attacks via a crafted payload.
- risk 0.48cvss 7.3epss 0.01
SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-2654 allows remote attackers to execute arbitrary SQL commands via the ObjectID parameter.
- risk 0.47cvss 7.2epss 0.02
Command injection vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931 allows remote authenticated users to execute arbitrary command via the username parameter.
- risk 0.47cvss 7.2epss 0.02
Command injection vulnerability in EZ-Internet in Synology DiskStation Manager (DSM) before 6.2-23739 allows remote authenticated users to execute arbitrary command via the username parameter.
- risk 0.46cvss —epss 0.00
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type…
- risk 0.46cvss 7.1epss 0.01
Directory traversal vulnerability in synophoto_dsm_user, a SUID program, as used in Synology Photo Station before 6.5.3-3226 allows local users to write to arbitrary files via unspecified vectors.
- risk 0.44cvss 6.8epss 0.00
Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks via unspecified vectors.
- risk 0.44cvss 6.7epss 0.00
An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672 allows local users to read or write arbitrary files and conduct denial-of-service during installation by placing a malicious DLL in advance in the same directory as the installer.
- risk 0.43cvss 5.3epss 0.75
An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to enumerate valid usernames via unspecified vectors.
- risk 0.42cvss 6.5epss 0.00
A files or directories accessible to external parties vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access files within the installation directory via a local HTTP server bound to the loopback interface. By leveraging user interaction with…
- risk 0.42cvss 6.5epss 0.01
Cross-site scripting (XSS) vulnerability in Address Book Editor in Synology CardDAV Server before 6.0.8-0086 allows remote authenticated users to inject arbitrary web script or HTML via the (1) family_name, (2) given_name, or (3) additional_name parameter.
- risk 0.42cvss 6.5epss 0.01
Improper authorization vulnerability in Highlight Preview in Synology Universal Search before 1.0.5-0135 allows remote authenticated users to bypass permission checks for directories in POSIX mode.
- risk 0.42cvss 6.5epss 0.01
Cross-site scripting (XSS) vulnerability in Title Tootip in Synology Office before 3.0.3-2143 allows remote authenticated users to inject arbitrary web script or HTML via the malicious file name.
- risk 0.42cvss 6.5epss 0.01
Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology File Station before 1.1.4-0122 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments.
- risk 0.42cvss 6.5epss 0.01
Improper access control vulnerability in Synology Drive before 1.0.2-10275 allows remote authenticated users to access non-shared files or folders via unspecified vectors.
Page 1 of 7