Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology diskstation manager vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2018-7170
ntpd in ntp 4.2.x prior to 4.2.8p7 and 4.3.x prior to 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issu...
Ntp Ntp 4.2.8
Ntp Ntp
Synology Diskstation Manager
Synology Router Manager
Synology Skynas
Synology Virtual Diskstation Manager
Synology Vs960hd Firmware
Netapp Hci -
Netapp Solidfire -
Hpe Hpux-ntp
8.3
CVSSv3
CVE-2020-27653
Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) prior to 1.2.4-8081 allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via unspecified vectors.
Synology Router Manager
Synology Diskstation Manager 6.2.3 25426
1 Github repository
9
CVSSv3
CVE-2020-27648
Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-2 allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Synology Diskstation Manager
Synology Skynas Firmware
8.3
CVSSv3
CVE-2020-27652
Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-2 allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via unspecified vectors.
Synology Diskstation Manager
Synology Skynas Firmware
1 Github repository
3.7
CVSSv3
CVE-2020-27650
Synology DiskStation Manager (DSM) prior to 6.2.3-25426-2 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmission within an HTTP session.
Synology Diskstation Manager
Synology Skynas Firmware
9.8
CVSSv3
CVE-2021-27646
Use After Free vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to execute arbitrary code via crafted web requests.
Synology Diskstation Manager
9.8
CVSSv3
CVE-2021-27647
Out-of-bounds Read vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to execute arbitrary code via crafted web requests.
Synology Diskstation Manager
7.5
CVSSv3
CVE-2022-3576
A vulnerability regarding out-of-bounds read is found in the session processing functionality of Out-of-Band (OOB) Management. This allows remote malicious users to obtain sensitive information via unspecified vectors. The following models with Synology DiskStation Manager (DSM) ...
Synology Diskstation Manager
NA
CVE-2015-4655
Cross-site scripting (XSS) vulnerability in Synology DiskStation Manager (DSM) prior to 5.2-5565 Update 1 allows remote malicious users to inject arbitrary web script or HTML via the "compound" parameter to entry.cgi.
Synology Diskstation Manager
7.2
CVSSv3
CVE-2017-12075
Command injection vulnerability in EZ-Internet in Synology DiskStation Manager (DSM) prior to 6.2-23739 allows remote authenticated users to execute arbitrary command via the username parameter.
Synology Diskstation Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »