Skip to main content

Synology Products Multiple Vulnerabilities

Release Date: 11 Nov 2024 2138 Views

RISK: Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Multiple vulnerabilities were identified in Synology products. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, spoofing, data manipulation and remote code execution on the targeted system.


Impact

  • Remote Code Execution
  • Spoofing
  • Information Disclosure
  • Data Manipulation

System / Technologies affected

  • Synology DSM 7.2.2 versions below 7.2.2-72806-1 
  • Synology DSM 7.2.1
  • Synology DSM 7.1
  • Synology DSMUC 3.1
  • Synology BeeStation OS versions below 1.1-65374
  • Synology BeeStation OS versions 1.0
  • Synology Replication Service for DSM 7.2 versions below 1.3.0-0423
  • Synology Replication Service for DSM 7.1 versions below 1.2.2-0353
  • Synology Drive Server for DSM 7.2.2 versions below 3.5.1-26102
  • Synology Drive Server for DSM 7.2.1
  • Synology Drive Server for DSM 7.1

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:


Vulnerability Identifier

  • No CVE information is available

Source


Related Link