Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology diskstation manager 6.2.3 25426 vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2021-29083
Improper neutralization of special elements used in an OS command in SYNO.Core.Network.PPPoE in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote authenticated users to execute arbitrary code via realname parameter.
Synology Diskstation Manager
4.3
CVSSv2
CVE-2020-27656
Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-2 allows man-in-the-middle malicious users to eavesdrop authentication information of DNSExit via unspecified vectors.
Synology Diskstation Manager
6.8
CVSSv2
CVE-2021-26562
Out-of-bounds write vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows man-in-the-middle malicious users to execute arbitrary code via syno_finder_site HTTP header.
Synology Diskstation Manager
Synology Vs960hd Firmware -
Synology Skynas Firmware -
Synology Diskstation Manager Unified Controller 3.0
5.8
CVSSv2
CVE-2021-26564
Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows man-in-the-middle malicious users to spoof servers via an HTTP session.
Synology Diskstation Manager
Synology Vs960hd Firmware -
Synology Skynas Firmware -
Synology Diskstation Manager Unified Controller 3.0
5.8
CVSSv2
CVE-2021-26560
Cleartext transmission of sensitive information vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows man-in-the-middle malicious users to spoof servers via an HTTP session.
Synology Diskstation Manager
Synology Vs960hd Firmware -
Synology Skynas Firmware -
Synology Diskstation Manager Unified Controller 3.0
6.8
CVSSv2
CVE-2021-26561
Stack-based buffer overflow vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows man-in-the-middle malicious users to execute arbitrary code via syno_finder_site HTTP header.
Synology Diskstation Manager
Synology Vs960hd Firmware -
Synology Skynas Firmware -
Synology Diskstation Manager Unified Controller 3.0
6.8
CVSSv2
CVE-2021-26566
Insertion of sensitive information into sent data vulnerability in synorelayd in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows man-in-the-middle malicious users to execute arbitrary commands via inbound QuickConnect traffic.
Synology Diskstation Manager
Synology Vs960hd Firmware -
Synology Skynas Firmware -
Synology Diskstation Manager Unified Controller 3.0
6.8
CVSSv2
CVE-2021-26569
Race Condition within a Thread vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to execute arbitrary code via crafted web requests.
Synology Diskstation Manager
7.5
CVSSv2
CVE-2021-27646
Use After Free vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to execute arbitrary code via crafted web requests.
Synology Diskstation Manager
4.3
CVSSv2
CVE-2021-26565
Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows man-in-the-middle malicious users to obtain sensitive information via an HTTP session.
Synology Vs960hd Firmware -
Synology Skynas Firmware -
Synology Diskstation Manager Unified Controller 3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2