Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology diskstation manager vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-13293
Cross-site scripting (XSS) vulnerability in Control Panel SSO Settings in Synology DiskStation Manager (DSM) prior to 6.2.1-23824 allows remote authenticated users to inject arbitrary web script or HTML via the URL parameter.
Synology Diskstation Manager
5.4
CVSSv3
CVE-2018-8917
Cross-site scripting (XSS) vulnerability in info.cgi in Synology DiskStation Manager (DSM) prior to 6.1.6-15266 allows remote malicious users to inject arbitrary web script or HTML via the host parameter.
Synology Diskstation Manager
5.3
CVSSv3
CVE-2018-7170
ntpd in ntp 4.2.x prior to 4.2.8p7 and 4.3.x prior to 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issu...
Ntp Ntp
Ntp Ntp 4.2.8
Synology Diskstation Manager
Synology Router Manager
Synology Skynas
Synology Virtual Diskstation Manager
Synology Vs960hd Firmware
Netapp Hci -
Netapp Solidfire -
Hpe Hpux-ntp
5.3
CVSSv3
CVE-2017-9554
An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM) prior to 6.1.3-15152 allows remote malicious users to enumerate valid usernames via unspecified vectors.
Synology Diskstation Manager
1 EDB exploit
2 Github repositories
4.9
CVSSv3
CVE-2022-22679
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in support service management in Synology DiskStation Manager (DSM) prior to 7.0.1-42218-2 allows remote authenticated users to write arbitrary files via unspecified vectors.
Synology Diskstation Manager
4.9
CVSSv3
CVE-2017-12076
Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology DiskStation (DSM) prior to 6.1.1-15088 allows remote authenticated malicious user to exhaust the memory resources of the machine, causing a denial of service attack.
Synology Diskstation Manager
Synology Diskstation Manager 6.1.1
4.3
CVSSv3
CVE-2022-27622
Server-Side Request Forgery (SSRF) vulnerability in Package Center functionality in Synology DiskStation Manager (DSM) prior to 7.1-42661 allows remote authenticated users to access intranet resources via unspecified vectors.
Synology Diskstation Manager
4.3
CVSSv3
CVE-2021-33182
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in PDF Viewer component in Synology DiskStation Manager (DSM) prior to 6.2.4-25553 allows remote authenticated users to read limited files via unspecified vectors.
Synology Diskstation Manager
4.3
CVSSv3
CVE-2018-13291
Information exposure vulnerability in /usr/syno/etc/mount.conf in Synology DiskStation Manager (DSM) prior to 6.2.1-23824 allows remote authenticated users to obtain sensitive information via the world readable configuration.
Synology Diskstation Manager
4.3
CVSSv3
CVE-2018-13281
Information exposure vulnerability in SYNO.Core.ACL in Synology DiskStation Manager (DSM) prior to 6.2-23739-2 allows remote authenticated users to determine the existence and obtain the metadata of arbitrary files via the file_path parameter.
Synology Diskstation Manager 6.0
Synology Vs960hd -
Synology Skynas -
Synology Diskstation Manager
Synology Diskstation Manager 5.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »