Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology carddav server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-15887
An improper restriction of excessive authentication attempts vulnerability in /principals in Synology CardDAV Server prior to 6.0.7-0085 allows remote malicious users to obtain user credentials via a brute-force attack.
Synology Carddav Server
3.5
CVSSv2
CVE-2018-8928
Cross-site scripting (XSS) vulnerability in Address Book Editor in Synology CardDAV Server prior to 6.0.8-0086 allows remote authenticated users to inject arbitrary web script or HTML via the (1) family_name, (2) given_name, or (3) additional_name parameter.
Synology Carddav Server
NA
CVE-2022-27613
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in webapi component in Synology CardDAV Server prior to 6.0.10-0153 allows remote authenticated users to inject SQL commands via unspecified vectors.
Synology Carddav Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started