Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology video station vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2021-33181
Server-Side Request Forgery (SSRF) vulnerability in webapi component in Synology Video Station prior to 2.4.10-1632 allows remote authenticated users to send arbitrary request to intranet resources via unspecified vectors.
Synology Video Station
5.4
CVSSv3
CVE-2017-9556
Cross-site scripting (XSS) vulnerability in Video Metadata Editor in Synology Video Station prior to 2.3.0-1435 allows remote authenticated malicious users to inject arbitrary web script or HTML via the title parameter.
Synology Video Station
5.4
CVSSv3
CVE-2015-9105
Multiple cross-site scripting (XSS) vulnerabilities in Synology Video Station 1.2 prior to 1.2-0455, 1.5 prior to 1.5-0772, and 1.6 prior to 1.6-0847 allow remote authenticated malicious users to inject arbitrary web script or HTML via the (1) file name or (2) collection name of ...
Synology Video Station 1.6-0844
Synology Video Station 1.2-0439
Synology Video Station 1.2-0453
Synology Video Station 1.5-0754
Synology Video Station 1.2-0447
Synology Video Station 1.5-0753
Synology Video Station 1.2-0451
Synology Video Station 1.6-0841
Synology Video Station 1.5-0763
Synology Video Station 1.5-0770
Synology Video Station 1.2-0443
Synology Video Station 1.6-0840
Synology Video Station 1.5-0757
Synology Video Station 1.6-0835
NA
CVE-2015-6910
SQL injection vulnerability in Synology Video Station prior to 1.5-0757 allows remote malicious users to execute arbitrary SQL commands via the id parameter to audiotrack.cgi.
Synology Video Station
NA
CVE-2015-6911
SQL injection vulnerability in Synology Video Station prior to 1.5-0763 allows remote malicious users to execute arbitrary SQL commands via the id parameter to watchstatus.cgi.
Synology Video Station
1 EDB exploit
NA
CVE-2015-6912
Synology Video Station prior to 1.5-0763 allows remote malicious users to execute arbitrary shell commands via shell metacharacters in the subtitle_codepage parameter to subtitle.cgi.
Synology Video Station
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started