CVE-2023-52944

Incorrect authorization vulnerability in ActionRule webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to perform limited actions on the set action rules function via unspecified vectors...

CVE-2023-52944

Synology Surveillance Station’s ActionRule webapi vulnerability (CVE-2023-52944): an incorrect authorization flaw allows remote authenticated users to perform limited actions on the set action rules function. Affected products: Synology Surveillance Station prior to versions 9.2.0-11289 and 9.2.0...

CVE-2024-29237

Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in ActionRule.Delete webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to read database containing non-sensitive information and...

Synology Surveillance Station 安全漏洞

Synology Surveillance Station is an application from Synology, a Chinese company. It provides intelligent monitoring and video management tools to protect your valuable assets. A security vulnerability previously existed in Synology Surveillance Station version 9.2.0-11289, which stemmed from an...

PT-2024-9409 · Synology · Synology Surveillance Station

Name of the Vulnerable Software and Affected Versions: Synology Surveillance Station versions prior to 9.2.0-11289 and 9.2.0-9289 Description: The issue is related to an incorrect authorization vulnerability in the ActionRule webapi component. This vulnerability allows remote authenticated users ...