CVEdetails.com the ultimate security vulnerability data source

Synology : Security Vulnerabilities

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-15889 77 Exec Code 2017-12-04 2017-12-21
6.5
None Remote Low Single system Partial Partial Partial
Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) before 5.2-5967-5 allows remote authenticated users to execute arbitrary commands via disk field.
2 CVE-2017-12080 200 +Info 2017-12-04 2017-12-21
5.0
None Remote Low Not required Partial None None
An information exposure vulnerability in default HTTP configuration file in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain sensitive system information via .htaccess file.
3 CVE-2017-12079 200 +Info 2017-12-04 2017-12-21
5.0
None Remote Low Not required Partial None None
Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain arbitrary files via prog_id field.
4 CVE-2017-12077 400 DoS 2017-08-28 2017-08-31
4.0
None Remote Low Single system None None Partial
Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology Router Manager (SRM) before 1.1.4-6509 allows remote authenticated attacker to exhaust the memory resources of the machine, causing a denial of service attack.
5 CVE-2017-12076 400 DoS 2017-08-28 2017-08-31
4.0
None Remote Low Single system None None Partial
Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology DiskStation (DSM) before 6.1.1-15088 allows remote authenticated attacker to exhaust the memory resources of the machine, causing a denial of service attack.
6 CVE-2017-12074 22 Dir. Trav. 2017-08-24 2017-08-29
4.0
None Remote Low Single system None Partial None
Directory traversal vulnerability in the SYNO.DNSServer.Zone.MasterZoneConf in Synology DNS Server before 2.2.1-3042 allows remote authenticated attackers to write arbitrary files via the domain_name parameter.
7 CVE-2017-12072 79 XSS 2017-12-20 2018-01-05
3.5
None Remote Medium Single system None Partial None
Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.8.0-3456 allows remote authenticated users to inject arbitrary web scripts or HTML via the id parameter.
8 CVE-2017-12071 918 2017-09-08 2017-09-11
4.0
None Remote Low Single system Partial None None
Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to download arbitrary local files via the url parameter.
9 CVE-2017-11162 22 Dir. Trav. 2017-09-08 2017-09-11
4.0
None Remote Low Single system Partial None None
Directory traversal vulnerability in synphotoio in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allows remote authenticated users to read arbitrary files via unspecified vectors.
10 CVE-2017-11161 89 Exec Code Sql 2017-09-08 2017-09-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in Synology Photo Station before 6.7.4-3433 and 6.3-2968 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to label.php; or (2) type parameter to synotheme.php.
11 CVE-2017-11160 426 Exec Code 2017-08-18 2017-08-29
4.6
None Local Low Not required Partial Partial Partial
Multiple untrusted search path vulnerabilities in installer in Synology Assistant before 6.1-15163 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.
12 CVE-2017-11159 426 Exec Code 2017-08-23 2017-08-29
4.6
None Local Low Not required Partial Partial Partial
Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader before 1.4.2-084 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.
13 CVE-2017-11158 426 Exec Code 2017-08-31 2017-09-05
4.6
None Local Low Not required Partial Partial Partial
Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.
14 CVE-2017-11157 426 Exec Code 2017-08-30 2017-09-05
4.6
None Local Low Not required Partial Partial Partial
Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Backup before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll file in the current working directory.
15 CVE-2017-11156 264 Exec Code 2017-08-14 2017-08-25
6.5
None Remote Low Single system Partial Partial Partial
Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 uses weak permissions (0777) for ui/dlm/btsearch directory, which allows remote authenticated users to execute arbitrary code by uploading an executable via unspecified vectors.
16 CVE-2017-11155 200 +Info 2017-08-08 2017-08-18
5.0
None Remote Low Not required Partial None None
An information exposure vulnerability in index.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to obtain sensitive system information via unspecified vectors.
17 CVE-2017-11154 434 2017-08-08 2017-08-17
6.5
None Remote Low Single system Partial Partial Partial
Unrestricted file upload vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to create arbitrary PHP scripts via the type parameter.
18 CVE-2017-11153 502 +Priv 2017-08-08 2017-08-18
7.5
None Remote Low Not required Partial Partial Partial
Deserialization vulnerability in synophoto_csPhotoMisc.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to gain administrator privileges via a crafted serialized payload.
19 CVE-2017-11152 22 Dir. Trav. 2017-08-08 2017-08-17
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to write arbitrary files via the path parameter.
20 CVE-2017-11151 287 2017-08-08 2017-08-18
7.5
None Remote Low Not required Partial Partial Partial
A vulnerability in synotheme_upload.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to upload arbitrary files without authentication via the logo_upload action.
21 CVE-2017-11150 77 Exec Code 2017-08-14 2017-08-25
6.5
None Remote Low Single system Partial Partial Partial
Command injection vulnerability in Document.php in Synology Office 2.2.0-1502 and 2.2.1-1506 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the crafted file name of RTF documents.
22 CVE-2017-11149 918 2017-08-14 2017-08-23
4.0
None Remote Low Single system Partial None None
Server-side request forgery (SSRF) vulnerability in Downloader in Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 allows remote authenticated users to download arbitrary local files via crafted URI.
23 CVE-2017-11148 918 2017-08-11 2017-08-24
4.0
None Remote Low Single system Partial None None
Server-side request forgery (SSRF) vulnerability in link preview in Synology Chat before 1.1.0-0806 allows remote authenticated users to access intranet resources via unspecified vectors.
24 CVE-2017-9556 79 XSS 2017-08-11 2017-08-17
3.5
None Remote Medium Single system None Partial None
Cross-site scripting (XSS) vulnerability in Video Metadata Editor in Synology Video Station before 2.3.0-1435 allows remote authenticated attackers to inject arbitrary web script or HTML via the title parameter.
25 CVE-2017-9555 79 XSS 2017-08-24 2017-08-29
3.5
None Remote Medium Single system None Partial None
Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.0-3414 allows remote attackers to inject arbitrary web script or HTML via the image parameter.
26 CVE-2017-9554 200 +Info 2017-07-24 2018-01-11
5.0
None Remote Low Not required Partial None None
An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to enumerate valid usernames via unspecified vectors.
27 CVE-2017-9553 310 Bypass 2017-07-24 2017-08-15
4.3
None Remote Medium Not required Partial None None
A design flaw in SYNO.API.Encryption in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter.
28 CVE-2017-9552 287 2017-06-13 2017-07-03
2.1
None Local Low Not required Partial None None
A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline. Synology Photo Station employs the synophoto_dsm_user program to authenticate username and password by "synophoto_dsm_user --auth USERNAME PASSWORD", and local users are able to obtain credentials by sniffing "/proc/*/cmdline".
29 CVE-2016-10331 22 Dir. Trav. 2017-05-12 2017-05-23
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in download.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to read arbitrary files via a full pathname in the id parameter.
30 CVE-2016-10330 22 Dir. Trav. 2017-05-12 2017-05-23
4.6
None Local Low Not required Partial Partial Partial
Directory traversal vulnerability in synophoto_dsm_user, a SUID program, as used in Synology Photo Station before 6.5.3-3226 allows local users to write to arbitrary files via unspecified vectors.
31 CVE-2016-10329 77 Exec Code 2017-05-12 2017-05-23
7.5
None Remote Low Not required Partial Partial Partial
Command injection vulnerability in login.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to execute arbitrary code via shell metacharacters in the crafted 'X-Forwarded-For' header.
32 CVE-2016-10323 264 Exec Code +Priv 2017-04-10 2017-04-17
7.2
None Local Low Not required Complete Complete Complete
Synology Photo Station before 6.3-2958 allows local users to gain privileges by leveraging setuid execution of a "synophoto_dsm_user --copy-no-ea" command.
33 CVE-2016-10322 77 Exec Code 2017-04-10 2017-04-17
6.5
None Remote Low Single system Partial Partial Partial
Synology Photo Station before 6.3-2958 allows remote authenticated guest users to execute arbitrary commands via shell metacharacters in the X-Forwarded-For HTTP header to photo/login.php.
34 CVE-2015-9105 79 XSS 2017-06-30 2017-07-05
3.5
None Remote Medium Single system None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Synology Video Station 1.2 before 1.2-0455, 1.5 before 1.5-0772, and 1.6 before 1.6-0847 allow remote authenticated attackers to inject arbitrary web script or HTML via the (1) file name or (2) collection name of videos.
35 CVE-2015-9104 79 XSS 2017-06-30 2017-07-05
3.5
None Remote Medium Single system None Partial None
Cross-site scripting (XSS) vulnerabilities in Synology Audio Station 5.1 before 5.1-2550 and 5.4 before 5.4-2857 allows remote authenticated attackers to inject arbitrary web script or HTML via the album title.
36 CVE-2015-9103 79 XSS 2017-06-30 2017-07-05
3.5
None Remote Medium Single system None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Synology Note Station 1.1-0212 and earlier allow remote authenticated attackers to inject arbitrary web script or HTML via the (1) note title or (2) file name of attachments.
37 CVE-2015-9102 79 XSS 2017-06-30 2017-07-05
3.5
None Remote Medium Single system None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Synology Photo Station 6.0 before 6.0-2638 and 6.3 before 6.3-2962 allow remote authenticated attackers to inject arbitrary web script or HTML via the (1) album name, (2) file name of uploaded photos, (3) description of photos, or (4) tag of the photos.
38 CVE-2015-6913 79 XSS 2015-09-11 2015-09-14
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the "Create download task via URL" feature in Synology Download Station before 3.5-2967 allows remote attackers to inject arbitrary web script or HTML via the urls parameter in an add_url_task action to dlm/downloadman.cgi.
39 CVE-2015-6912 77 Exec Code 2015-09-11 2015-09-14
10.0
None Remote Low Not required Complete Complete Complete
Synology Video Station before 1.5-0763 allows remote attackers to execute arbitrary shell commands via shell metacharacters in the subtitle_codepage parameter to subtitle.cgi.
40 CVE-2015-6911 89 Exec Code Sql 2015-09-11 2015-09-14
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in Synology Video Station before 1.5-0763 allows remote attackers to execute arbitrary SQL commands via the id parameter to watchstatus.cgi.
41 CVE-2015-6910 89 Exec Code Sql 2015-09-11 2015-09-14
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in Synology Video Station before 1.5-0757 allows remote attackers to execute arbitrary SQL commands via the id parameter to audiotrack.cgi.
42 CVE-2015-6909 79 XSS 2015-09-11 2015-09-14
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in the "Create download task via file upload" feature in Synology Download Station before 3.5-2962 allows remote attackers to inject arbitrary web script or HTML via the name element in the Info dictionary in a torrent file.
43 CVE-2015-4656 79 XSS 2015-06-18 2016-11-28
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Synology Photo Station before 6.3-2945 allow remote attackers to inject arbitrary web script or HTML via the (1) success parameter to login.php or (2) crafted URL parameters to index.php, as demonstrated by the t parameter to photo/.
44 CVE-2015-4655 79 XSS 2015-06-18 2016-11-28
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Synology DiskStation Manager (DSM) before 5.2-5565 Update 1 allows remote attackers to inject arbitrary web script or HTML via the "compound" parameter to entry.cgi.
45 CVE-2015-2851 264 2015-05-30 2016-12-02
6.8
None Local Low Single system Complete Complete Complete
client_chown in the sync client in Synology Cloud Station 1.1-2291 through 3.1-3320 on OS X allows local users to change the ownership of arbitrary files, and consequently obtain root access, by specifying a filename.
46 CVE-2015-2809 200 DoS +Info 2015-03-31 2016-07-29
5.0
None Remote Low Not required Partial None None
The Multicast DNS (mDNS) responder in Synology DiskStation Manager (DSM) before 3.1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets to the Avahi component.
47 CVE-2014-6868 310 +Info 2014-10-02 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The DS audio (aka com.synology.DSaudio) application 3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
48 CVE-2014-6848 310 +Info 2014-09-30 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The DS file (aka com.synology.DSfile) application 4.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
49 CVE-2014-6836 310 +Info 2014-09-30 2014-11-14
5.4
None Local Network Medium Not required Partial Partial Partial
The DS photo+ (aka com.synology.dsphoto) application 3.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
50 CVE-2014-2264 255 2014-03-02 2014-03-03
7.8
None Remote Low Not required Complete None None
The OpenVPN module in Synology DiskStation Manager (DSM) 4.3-3810 update 1 has a hardcoded root password of synopass, which makes it easier for remote attackers to obtain access via a VPN session.
Total number of vulnerabilities: 55. Page: 1 (this page) of 2.