Improper neutralization of special elements used in an SQL command (‘SQL Injection’) vulnerability in Log Management functionality in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecified vectors.
CPE | Name | Operator | Version |
---|---|---|---|
diskstation_manager | ge | 6.2 | |
diskstation_manager | lt | 6.2.4 | |
diskstation_manager | ge | 7.0 | |
diskstation_manager | lt | 7.0.1 |