Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology diskstation manager 6.2 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-3870
A vulnerability was found in Samba from version (including) 4.9 to versions prior to 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only a...
Samba Samba
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Synology Diskstation Manager 5.2
Synology Diskstation Manager 6.1
Synology Diskstation Manager 6.2
Synology Directory Server -
Synology Router Manager 1.2
Synology Skynas Firmware -
Synology Vs960hd Firmware
6.5
CVSSv3
CVE-2018-13286
Incorrect default permissions vulnerability in synouser.conf in Synology Diskstation Manager (DSM) prior to 6.2-23739-1 allows remote authenticated users to obtain sensitive information via the world readable configuration.
Synology Diskstation Manager
8.8
CVSSv3
CVE-2018-13284
Command injection vulnerability in ftpd in Synology Diskstation Manager (DSM) prior to 6.2-23739-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command.
Synology Diskstation Manager
4.3
CVSSv3
CVE-2018-13281
Information exposure vulnerability in SYNO.Core.ACL in Synology DiskStation Manager (DSM) prior to 6.2-23739-2 allows remote authenticated users to determine the existence and obtain the metadata of arbitrary files via the file_path parameter.
Synology Diskstation Manager 6.0
Synology Vs960hd -
Synology Skynas -
Synology Diskstation Manager
Synology Diskstation Manager 5.2
5.9
CVSSv3
CVE-2018-13280
Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) prior to 6.2-23739 allows man-in-the-middle malicious users to compromise non-HTTPS sessions via unspecified vectors.
Synology Diskstation Manager
8.8
CVSSv3
CVE-2018-8916
Unverified password change vulnerability in Change Password in Synology DiskStation Manager (DSM) prior to 6.2-23739 allows remote authenticated users to reset password without verification.
Synology Diskstation Manager
7.2
CVSSv3
CVE-2017-12075
Command injection vulnerability in EZ-Internet in Synology DiskStation Manager (DSM) prior to 6.2-23739 allows remote authenticated users to execute arbitrary command via the username parameter.
Synology Diskstation Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2