Synology

Diskstation Manager

93 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2023-0142

  • EPSS 0.19%
  • Veröffentlicht 13.06.2023 07:15:46
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Uncontrolled search path element vulnerability in Backup Management functionality in Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.0.1-42218-7 and 7.1-42661 allows remote authenticated users with administrator privileges to read or write...

9.1

CVE-2022-27623

  • EPSS 0.33%
  • Veröffentlicht 25.10.2022 17:15:51
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Missing authentication for critical function vulnerability in iSCSI management functionality in Synology DiskStation Manager (DSM) before 7.1-42661 allows remote attackers to read or write arbitrary files via unspecified vectors.

4.3

CVE-2022-27622

  • EPSS 0.14%
  • Veröffentlicht 25.10.2022 17:15:51
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Server-Side Request Forgery (SSRF) vulnerability in Package Center functionality in Synology DiskStation Manager (DSM) before 7.1-42661 allows remote authenticated users to access intranet resources via unspecified vectors.

7.5

CVE-2022-3576

  • EPSS 0.37%
  • Veröffentlicht 20.10.2022 06:15:12
  • Zuletzt bearbeitet 14.01.2025 19:29:55

A vulnerability regarding out-of-bounds read is found in the session processing functionality of Out-of-Band (OOB) Management. This allows remote attackers to obtain sensitive information via unspecified vectors. The following models with Synology Di...

8.1

CVE-2022-27626

  • EPSS 1.39%
  • Veröffentlicht 20.10.2022 06:15:11
  • Zuletzt bearbeitet 14.01.2025 19:29:55

A vulnerability regarding concurrent execution using shared resource with improper synchronization ('Race Condition') is found in the session processing functionality of Out-of-Band (OOB) Management. This allows remote attackers to execute arbitrary ...

9.8

CVE-2022-27625

  • EPSS 1.07%
  • Veröffentlicht 20.10.2022 06:15:11
  • Zuletzt bearbeitet 14.01.2025 19:29:55

A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the message processing functionality of Out-of-Band (OOB) Management. This allows remote attackers to execute arbitrary commands via unspeci...

9.8

CVE-2022-27624

  • EPSS 1.08%
  • Veröffentlicht 20.10.2022 06:15:09
  • Zuletzt bearbeitet 14.01.2025 19:29:55

A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the packet decryption functionality of Out-of-Band (OOB) Management. This allows remote attackers to execute arbitrary commands via unspecif...

7.2

CVE-2022-27616

  • EPSS 1.62%
  • Veröffentlicht 03.08.2022 02:15:07
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in webapi component in Synology DiskStation Manager (DSM) before 7.0.1-42218-3 allows remote authenticated users to execute arbitrary commands vi...

8.8

CVE-2022-22684

  • EPSS 1.81%
  • Veröffentlicht 28.07.2022 07:15:07
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in task management component in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows remote authenticated users to execute arbitrary comm...

8.8

CVE-2022-22688

  • EPSS 1.02%
  • Veröffentlicht 25.03.2022 07:15:07
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Improper neutralization of special elements used in a command ('Command Injection') vulnerability in File service functionality in Synology DiskStation Manager (DSM) before 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands...