Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology diskstation manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-6955
webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 prior to 4.0-2259, 4.2 prior to 4.2-3243, and 4.3 prior to 4.3-3810 Update 1 allows remote malicious users to append data to arbitrary files, and consequently execute arbitrary code, via a pathname in the SLICEUPL...
Synology Diskstation Manager 4.3
Synology Diskstation Manager 4.2
Synology Diskstation Manager 4.0
Synology Diskstation Manager 4.3-3810
1 EDB exploit
4.3
CVSSv3
CVE-2018-13281
Information exposure vulnerability in SYNO.Core.ACL in Synology DiskStation Manager (DSM) prior to 6.2-23739-2 allows remote authenticated users to determine the existence and obtain the metadata of arbitrary files via the file_path parameter.
Synology Diskstation Manager 6.0
Synology Vs960hd -
Synology Skynas -
Synology Diskstation Manager
Synology Diskstation Manager 5.2
4.9
CVSSv3
CVE-2017-12076
Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology DiskStation (DSM) prior to 6.1.1-15088 allows remote authenticated malicious user to exhaust the memory resources of the machine, causing a denial of service attack.
Synology Diskstation Manager
Synology Diskstation Manager 6.1.1
7.5
CVSSv3
CVE-2021-29086
Exposure of sensitive information to an unauthorized actor vulnerability in webapi component in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to obtain sensitive information via unspecified vectors.
Synology Diskstation Manager
Synology Diskstation Manager Unified Controller
7.5
CVSSv3
CVE-2021-29085
Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in file sharing management component in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to read arbitrary files via u...
Synology Diskstation Manager
Synology Diskstation Manager Unified Controller
9.8
CVSSv3
CVE-2022-22687
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in Authentication functionality in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to execute arbitrary code via unspecified vectors.
Synology Diskstation Manager
Synology Diskstation Manager Unified Controller
9.8
CVSSv3
CVE-2021-27649
Use after free vulnerability in file transfer protocol component in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to execute arbitrary code via unspecified vectors.
Synology Diskstation Manager
Synology Diskstation Manager Unified Controller
7.5
CVSSv3
CVE-2021-29087
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to write arbitrary files via unspecified vectors.
Synology Diskstation Manager
Synology Diskstation Manager Unified Controller
7.5
CVSSv3
CVE-2021-29084
Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in Security Advisor report management component in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to read arbitrary ...
Synology Diskstation Manager
Synology Diskstation Manager Unified Controller
8.1
CVSSv3
CVE-2023-0142
Uncontrolled search path element vulnerability in Backup Management Functionality in Synology DiskStation Manager (DSM) prior to 7.1-42661 allows remote authenticated users to read or write arbitrary files via unspecified vectors.
Synology Diskstation Manager
Synology Diskstation Manager Unified Controller 3.1
Synology Router Manager 1.3.1-9346
Synology Router Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »