Synology

Surveillance Station

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2023-52944

  • EPSS 0.08%
  • Veröffentlicht 04.12.2024 07:15:05
  • Zuletzt bearbeitet 04.12.2024 07:15:05

Incorrect authorization vulnerability in ActionRule webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to perform limited actions on the set action rules function via unspecified vect...

4.3

CVE-2023-52943

  • EPSS 0.08%
  • Veröffentlicht 04.12.2024 07:15:04
  • Zuletzt bearbeitet 04.12.2024 07:15:04

Incorrect authorization vulnerability in Alert.Setting webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to to perform limited actions on the alerting function via unspecified vector...

9.9

CVE-2024-29241

  • EPSS 0.75%
  • Veröffentlicht 28.03.2024 07:16:12
  • Zuletzt bearbeitet 12.08.2025 17:34:11

Missing authorization vulnerability in System webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain non-sensitive information, write sensitive configurations in DSM, and reboot...

4.3

CVE-2024-29240

  • EPSS 0.42%
  • Veröffentlicht 28.03.2024 07:16:11
  • Zuletzt bearbeitet 04.08.2025 19:08:23

Missing authorization vulnerability in LayoutSave webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to conduct limited denial-of-service attacks via unspecified vectors.

5.4

CVE-2024-29239

  • EPSS 0.25%
  • Veröffentlicht 28.03.2024 07:16:10
  • Zuletzt bearbeitet 04.08.2025 19:08:26

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Recording.CountByCategory webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to r...

5.4

CVE-2024-29238

  • EPSS 0.25%
  • Veröffentlicht 28.03.2024 07:16:09
  • Zuletzt bearbeitet 04.08.2025 19:08:28

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Log.CountByCategory webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to read da...

5.4

CVE-2024-29237

  • EPSS 0.25%
  • Veröffentlicht 28.03.2024 07:16:09
  • Zuletzt bearbeitet 04.08.2025 19:08:31

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in ActionRule.Delete webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to read data...

5.4

CVE-2024-29236

  • EPSS 0.25%
  • Veröffentlicht 28.03.2024 07:16:08
  • Zuletzt bearbeitet 04.08.2025 19:08:33

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in AudioPattern.Delete webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to read da...

5.4

CVE-2024-29235

  • EPSS 0.25%
  • Veröffentlicht 28.03.2024 07:16:07
  • Zuletzt bearbeitet 04.08.2025 19:08:36

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in IOModule.EnumLog webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to read datab...

5.4

CVE-2024-29234

  • EPSS 0.25%
  • Veröffentlicht 28.03.2024 07:16:06
  • Zuletzt bearbeitet 04.08.2025 19:08:39

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Group.Save webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to read database co...