Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology diskstation manager vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2022-22688
Improper neutralization of special elements used in a command ('Command Injection') vulnerability in File service functionality in Synology DiskStation Manager (DSM) prior to 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands via unspecified v...
Synology Diskstation Manager
7.5
CVSSv2
CVE-2021-27647
Out-of-bounds Read vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to execute arbitrary code via crafted web requests.
Synology Diskstation Manager
7.5
CVSSv2
CVE-2021-27646
Use After Free vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to execute arbitrary code via crafted web requests.
Synology Diskstation Manager
6.5
CVSSv2
CVE-2017-15889
Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) prior to 5.2-5967-5 allows remote authenticated users to execute arbitrary commands via disk field.
Synology Diskstation Manager
NA
CVE-2024-0854
URL redirection to untrusted site ('Open Redirect') vulnerability in file access component in Synology DiskStation Manager (DSM) prior to 7.2.1-69057-2 allows remote authenticated users to conduct phishing attacks via unspecified vectors.
Synology Diskstation Manager
9
CVSSv2
CVE-2018-13284
Command injection vulnerability in ftpd in Synology Diskstation Manager (DSM) prior to 6.2-23739-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command.
Synology Diskstation Manager
4
CVSSv2
CVE-2018-13291
Information exposure vulnerability in /usr/syno/etc/mount.conf in Synology DiskStation Manager (DSM) prior to 6.2.1-23824 allows remote authenticated users to obtain sensitive information via the world readable configuration.
Synology Diskstation Manager
3.5
CVSSv2
CVE-2018-8917
Cross-site scripting (XSS) vulnerability in info.cgi in Synology DiskStation Manager (DSM) prior to 6.1.6-15266 allows remote malicious users to inject arbitrary web script or HTML via the host parameter.
Synology Diskstation Manager
6.5
CVSSv2
CVE-2018-8920
Improper neutralization of escape vulnerability in Log Exporter in Synology DiskStation Manager (DSM) prior to 6.1.6-15266 allows remote malicious users to inject arbitrary content to have an unspecified impact by exporting an archive in CSV format.
Synology Diskstation Manager
4
CVSSv2
CVE-2018-8916
Unverified password change vulnerability in Change Password in Synology DiskStation Manager (DSM) prior to 6.2-23739 allows remote authenticated users to reset password without verification.
Synology Diskstation Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »