Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

synology photo station 6.0-2638 vulnerabilities and exploits

(subscribe to this query)

2.1
CVSSv2
CVE-2017-9552
A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline. Synology Photo Station employs the synophoto_dsm_user program to authenticate username and password by "synophoto_dsm_user --auth...
Synology Photo Station 6.0-2528Synology Photo Station 6.0-2636Synology Photo Station 6.0-2638Synology Photo Station 6.0-2639Synology Photo Station 6.0-2640Synology Photo Station 6.3-2944Synology Photo Station 6.3-2958Synology Photo Station 6.3-2960Synology Photo Station 6.3-2962Synology Photo Station 6.3-2963Synology Photo Station 6.3-2964Synology Photo Station 6.3-2965Synology Photo Station 6.4-3166Synology Photo Station 6.5.0-3218Synology Photo Station 6.5.1-3223Synology Photo Station 6.5.2-3225Synology Photo Station 6.5.3-3226Synology Photo Station 6.6.0-3339Synology Photo Station 6.6.1-3345Synology Photo Station 6.6.1-3346Synology Photo Station 6.6.2-3346Synology Photo Station 6.6.3-3347Synology Photo Station 6.7.0-3414Synology Photo Station 6.7.1-3419
3.5
CVSSv2
CVE-2015-9102
Multiple cross-site scripting (XSS) vulnerabilities in Synology Photo Station 6.0 before 6.0-2638 and 6.3 before 6.3-2962 allow remote authenticated attackers to inject arbitrary web script or HTML via the (1) album name, (2) file name of uploaded photos, (3) description of...
Synology Photo Station
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-24069remote code executionmass assignmentCVE-2021-1782CVE-2021-23962CVE-2021-24081cross-site scriptingCVE-2021-21973CVE-2021-23972