Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology photo station 6.5.3-3226 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-10329
Command injection vulnerability in login.php in Synology Photo Station prior to 6.5.3-3226 allows remote malicious users to execute arbitrary code via shell metacharacters in the crafted 'X-Forwarded-For' header.
Synology Photo Station
7.8
CVSSv3
CVE-2017-9552
A design flaw in authentication in Synology Photo Station 6.0-2528 up to and including 6.7.1-3419 allows local users to obtain credentials via cmdline. Synology Photo Station employs the synophoto_dsm_user program to authenticate username and password by "synophoto_dsm_user ...
Synology Photo Station 6.0-2636
Synology Photo Station 6.5.2-3225
Synology Photo Station 6.3-2963
Synology Photo Station 6.3-2962
Synology Photo Station 6.0-2640
Synology Photo Station 6.6.2-3346
Synology Photo Station 6.3-2965
Synology Photo Station 6.6.1-3346
Synology Photo Station 6.3-2964
Synology Photo Station 6.5.1-3223
Synology Photo Station 6.5.0-3218
Synology Photo Station 6.3-2944
Synology Photo Station 6.0-2528
Synology Photo Station 6.3-2958
Synology Photo Station 6.0-2638
Synology Photo Station 6.6.1-3345
Synology Photo Station 6.6.0-3339
Synology Photo Station 6.5.3-3226
Synology Photo Station 6.3-2960
Synology Photo Station 6.7.1-3419
Synology Photo Station 6.4-3166
Synology Photo Station 6.0-2639
7.5
CVSSv3
CVE-2016-10331
Directory traversal vulnerability in download.php in Synology Photo Station prior to 6.5.3-3226 allows remote malicious users to read arbitrary files via a full pathname in the id parameter.
Synology Photo Station
7.1
CVSSv3
CVE-2016-10330
Directory traversal vulnerability in synophoto_dsm_user, a SUID program, as used in Synology Photo Station prior to 6.5.3-3226 allows local users to write to arbitrary files via unspecified vectors.
Synology Photo Station
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started