Synology

Diskstation Manager

93 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2024-5401

  • EPSS 0.04%
  • Veröffentlicht 04.12.2025 14:20:18
  • Zuletzt bearbeitet 05.12.2025 21:43:56

Improper control of dynamically-managed code resources vulnerability in WebAPI component in Synology DiskStation Manager (DSM) before 7.1.1-42962-8 and 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller (DSMUC) before 3.1.4-23079 allows re...

7.5

CVE-2024-45539

  • EPSS 0.11%
  • Veröffentlicht 04.12.2025 14:17:50
  • Zuletzt bearbeitet 05.12.2025 21:44:16

Out-of-bounds write vulnerability in cgi components in Synology DiskStation Manager (DSM) before 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller (DSMUC) before 3.1.4-23079 allows remote attackers to conduct denial-of-service attacks via...

9.6

CVE-2024-45538

  • EPSS 0.06%
  • Veröffentlicht 04.12.2025 14:16:26
  • Zuletzt bearbeitet 05.12.2025 21:44:21

Cross-Site Request Forgery (CSRF) vulnerability in WebAPI Framework in Synology DiskStation Manager (DSM) before 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller (DSMUC) before 3.1.4-23079 allows remote attackers to execute arbitrary cod...

7.5

CVE-2025-1021

  • EPSS 0.06%
  • Veröffentlicht 23.04.2025 02:49:45
  • Zuletzt bearbeitet 17.11.2025 14:10:43

Missing authorization vulnerability in synocopy in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3 allows remote attackers to read arbitrary files via unspecified vectors.

5.3

CVE-2024-50629

  • EPSS 0.08%
  • Veröffentlicht 19.03.2025 05:49:56
  • Zuletzt bearbeitet 17.11.2025 13:38:39

Improper encoding or escaping of output vulnerability in the webapi component in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allow remote atta...

5.3

CVE-2024-10445

  • EPSS 0.06%
  • Veröffentlicht 19.03.2025 02:10:57
  • Zuletzt bearbeitet 17.11.2025 13:42:21

Improper certificate validation vulnerability in the update functionality in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allow ...

9.8

CVE-2024-10441

  • EPSS 0.54%
  • Veröffentlicht 19.03.2025 02:09:56
  • Zuletzt bearbeitet 17.11.2025 13:43:41

Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allows remote attackers to e...

7.5

CVE-2024-10444

  • EPSS 0.04%
  • Veröffentlicht 19.03.2025 02:07:02
  • Zuletzt bearbeitet 17.11.2025 13:43:14

Improper certificate validation vulnerability in the LDAP utilities in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3 allows man-in-the-middle attackers to hijack the authentication of administrators via unsp...

5.4

CVE-2024-0854

  • EPSS 0.18%
  • Veröffentlicht 24.01.2024 10:15:09
  • Zuletzt bearbeitet 14.01.2025 19:29:55

URL redirection to untrusted site ('Open Redirect') vulnerability in file access component in Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.0.1-42218-7, 7.1.1-42962-7 and 7.2.1-69057-2 allows remote authenticated users to conduct phishin...

7.5

CVE-2023-2729

  • EPSS 0.21%
  • Veröffentlicht 13.06.2023 08:15:09
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager (DSM) before 7.2-64561 allows remote attackers to obtain user credential via unspecified vectors.