Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
diskstation manager vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-43929
Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in work flow management in Synology DiskStation Manager (DSM) prior to 7.0.1-42218-2 allows remote authenticated users to inject arbitrary web script or HTML...
Synology Diskstation Manager
NA
CVE-2024-0854
URL redirection to untrusted site ('Open Redirect') vulnerability in file access component in Synology DiskStation Manager (DSM) prior to 7.2.1-69057-2 allows remote authenticated users to conduct phishing attacks via unspecified vectors.
Synology Diskstation Manager
4.3
CVSSv2
CVE-2017-9553
A design flaw in SYNO.API.Encryption in Synology DiskStation Manager (DSM) prior to 6.1.3-15152 allows remote malicious users to bypass the encryption protection mechanism via the crafted version parameter.
Synology Diskstation Manager
4
CVSSv2
CVE-2018-8916
Unverified password change vulnerability in Change Password in Synology DiskStation Manager (DSM) prior to 6.2-23739 allows remote authenticated users to reset password without verification.
Synology Diskstation Manager
3.5
CVSSv2
CVE-2018-8917
Cross-site scripting (XSS) vulnerability in info.cgi in Synology DiskStation Manager (DSM) prior to 6.1.6-15266 allows remote malicious users to inject arbitrary web script or HTML via the host parameter.
Synology Diskstation Manager
5
CVSSv2
CVE-2018-8919
Information exposure vulnerability in SYNO.Core.Desktop.SessionData in Synology DiskStation Manager (DSM) prior to 6.1.6-15266 allows remote malicious users to steal credentials via unspecified vectors.
Synology Diskstation Manager
6.5
CVSSv2
CVE-2018-8920
Improper neutralization of escape vulnerability in Log Exporter in Synology DiskStation Manager (DSM) prior to 6.1.6-15266 allows remote malicious users to inject arbitrary content to have an unspecified impact by exporting an archive in CSV format.
Synology Diskstation Manager
9
CVSSv2
CVE-2021-29083
Improper neutralization of special elements used in an OS command in SYNO.Core.Network.PPPoE in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote authenticated users to execute arbitrary code via realname parameter.
Synology Diskstation Manager
4.6
CVSSv2
CVE-2021-29088
Improper limitation of a pathname to a restricted directory ('Path Traversal') in cgi component in Synology DiskStation Manager (DSM) prior to 6.2.4-25553 allows local users to execute arbitrary code via unspecified vectors.
Synology Diskstation Manager
4
CVSSv2
CVE-2021-33182
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in PDF Viewer component in Synology DiskStation Manager (DSM) prior to 6.2.4-25553 allows remote authenticated users to read limited files via unspecified vectors.
Synology Diskstation Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »