16 matches found
CVE-2025-66593
An origin validation error vulnerability in Synology Assistant before 7.0.6-50085 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation...
CVE-2025-66593
An origin validation error vulnerability in Synology Assistant before 7.0.6-50085 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation...
CVE-2025-66593
An origin validation error vulnerability in Synology Assistant before 7.0.6-50085 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation...
CVE-2025-66593
An origin validation error vulnerability in Synology Assistant before 7.0.6-50085 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation...
EUVD-2025-209963
An origin validation error vulnerability in Synology Assistant before 7.0.6-50085 allows local users to write arbitrary files with restricted content during installation...
CVE-2025-66593
An origin validation error vulnerability in Synology Assistant before 7.0.6-50085 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation...
CVE-2025-66593
CVE-2025-66593 affects Synology Assistant prior to 7.0.6-50085. The issue is an origin validation error during installation that lets local users write arbitrary files with restricted content. Impact per available data: integrity is Low, availability is High, confidentiality is None; CVSS 3.1 bas...
Synology Assistant 访问控制错误漏洞
Synology Assistant is a network storage device discovery and management tool provided by the Chinese company Synology. Versions of Synology Assistant prior to 7.0.6-50085 contained a access control vulnerability caused by a source verification error. This vulnerability could allow local users to...
PT-2026-43591
Name of the Vulnerable Software and Affected Versions Synology Assistant versions prior to 7.0.6-50085 Description An origin validation error allows local users to write arbitrary files with restricted content during the installation process. Recommendations Update to version 7.0.6-50085 or later...
EUVD-2017-2795
Malware in sbrugna...
Synology findhostd Detection (UDP)
UDP based detection of services supporting findhost protocol as used by the Synology Assistant. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Multiple untrustworthy search path vulnerabilities in Synology Assistant
Synology Assistant is a Synology DiskStation LAN installation and management assistant. Multiple untrusted search path vulnerabilities in the Synology Assistant's installer can be exploited by a local attacker to execute arbitrary code or perform DLL hijacking via a Trojan horse in the current...
Design/Logic Flaw
Multiple untrusted search path vulnerabilities in installer in Synology Assistant before 6.1-15163 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse 1 shfolder.dll, 2 ntmarta.dll, 3 secur32.dll or 4 dwmapi.dll file in the current worki...
CVE-2017-11160
Multiple untrusted search path vulnerabilities in installer in Synology Assistant before 6.1-15163 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse 1 shfolder.dll, 2 ntmarta.dll, 3 secur32.dll or 4 dwmapi.dll file in the current worki...
CVE-2017-11160
Multiple untrusted search path vulnerabilities in installer in Synology Assistant before 6.1-15163 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse 1 shfolder.dll, 2 ntmarta.dll, 3 secur32.dll or 4 dwmapi.dll file in the current worki...
CVE-2017-11160
Summary: CVE-2017-11160 affects the Synology Assistant installer for Windows prior to version 6.1-15163, enabling local code execution and DLL hijacking when a Trojan horse DLL is loaded from the current working directory. The vulnerable component is the installer used by Synology Assistant; the ...