Synology : Security Vulnerabilities, CVEs, Published In 2019 (Information Leak)
Information exposure vulnerability in SYNO.SynologyDrive.Files in Synology Drive before 1.1.2-10562 allows remote attackers to obtain sensitive system information via the dsm_path parameter.
Max CVSS
5.3
EPSS Score
0.13%
Published
2019-04-01
Updated
2019-10-09
Information exposure vulnerability in SYNO.Personal.Application.Info in Synology Application Service before 1.5.4-0320 allows remote authenticated users to obtain sensitive system information via the version parameter.
Max CVSS
6.5
EPSS Score
0.06%
Published
2019-04-01
Updated
2019-10-09
Information exposure vulnerability in SYNO.Personal.Profile in Synology Application Service before 1.5.4-0320 allows remote authenticated users to obtain sensitive system information via the uid parameter.
Max CVSS
6.5
EPSS Score
0.06%
Published
2019-04-01
Updated
2019-10-09
Information exposure vulnerability in /usr/syno/etc/mount.conf in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote authenticated users to obtain sensitive information via the world readable configuration.
Max CVSS
4.3
EPSS Score
0.05%
Published
2019-04-01
Updated
2019-10-09
Information exposure vulnerability in /usr/syno/etc/mount.conf in Synology DiskStation Manager (DSM) before 6.2.1-23824 allows remote authenticated users to obtain sensitive information via the world readable configuration.
Max CVSS
4.3
EPSS Score
0.05%
Published
2019-04-01
Updated
2019-10-09
Information exposure vulnerability in SYNO.Core.ACL in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote authenticated users to determine the existence of files or obtain sensitive information of files via the file_path parameter.
Max CVSS
4.3
EPSS Score
0.05%
Published
2019-04-01
Updated
2019-10-09
Information exposure vulnerability in SYNO.FolderSharing.List in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote attackers to obtain sensitive information via the (1) folder_path or (2) real_path parameter.
Max CVSS
5.3
EPSS Score
0.13%
Published
2019-04-01
Updated
2019-10-09
Information exposure vulnerability in SYNO.FolderSharing.List in Synology File Station before 1.2.3-0252 and before 1.1.5-0125 allows remote attackers to obtain sensitive information via the (1) folder_path or (2) real_path parameter.
Max CVSS
5.3
EPSS Score
0.13%
Published
2019-04-01
Updated
2019-10-09
8 vulnerabilities found