Synology DiskStation Manager (DSM) is an operating system used on network storage servers (NAS) by Synology Inc. of Taiwan, China. A command injection vulnerability exists in Synology DiskStation Manager (DSM), which stems from a failure to properly filter constructed command special characters, commands, etc. in the File service function. An authenticated attacker can use this vulnerability to execute arbitrary commands via unspecified vectors.