Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology diskstation manager vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2022-22680
Exposure of sensitive information to an unauthorized actor vulnerability in Web Server in Synology DiskStation Manager (DSM) prior to 7.0.1-42218-2 allows remote malicious users to obtain sensitive information via unspecified vectors.
Synology Diskstation Manager
NA
CVE-2022-22684
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in task management component in Synology DiskStation Manager (DSM) prior to 6.2.4-25553 allows remote authenticated users to execute arbitrary commands via unspecifi...
Synology Diskstation Manager
6.5
CVSSv2
CVE-2022-22688
Improper neutralization of special elements used in a command ('Command Injection') vulnerability in File service functionality in Synology DiskStation Manager (DSM) prior to 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands via unspecified v...
Synology Diskstation Manager
7.5
CVSSv2
CVE-2021-43925
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Log Management functionality in Synology DiskStation Manager (DSM) prior to 7.0.1-42218-2 allows remote malicious users to inject SQL commands via unspecified vectors.
Synology Diskstation Manager
7.5
CVSSv2
CVE-2021-43926
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Log Management functionality in Synology DiskStation Manager (DSM) prior to 7.0.1-42218-2 allows remote malicious users to inject SQL commands via unspecified vectors.
Synology Diskstation Manager
4
CVSSv2
CVE-2021-43929
Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in work flow management in Synology DiskStation Manager (DSM) prior to 7.0.1-42218-2 allows remote authenticated users to inject arbitrary web script or HTML...
Synology Diskstation Manager
4
CVSSv2
CVE-2021-33182
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in PDF Viewer component in Synology DiskStation Manager (DSM) prior to 6.2.4-25553 allows remote authenticated users to read limited files via unspecified vectors.
Synology Diskstation Manager
6.8
CVSSv2
CVE-2021-26569
Race Condition within a Thread vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to execute arbitrary code via crafted web requests.
Synology Diskstation Manager
4
CVSSv2
CVE-2018-8916
Unverified password change vulnerability in Change Password in Synology DiskStation Manager (DSM) prior to 6.2-23739 allows remote authenticated users to reset password without verification.
Synology Diskstation Manager
7.5
CVSSv2
CVE-2021-27646
Use After Free vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to execute arbitrary code via crafted web requests.
Synology Diskstation Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »