SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-2654 allows remote attackers to execute arbitrary SQL commands via the ObjectID parameter.
CPE | Name | Operator | Version |
---|---|---|---|
media_server | ge | 1.7 | |
media_server | lt | 1.7.6 | |
media_server | ge | 1.4 | |
media_server | lt | 1.4 |