3 matches found
Synology DiskStation Manager SQL Injection (CVE-2021-43925)
Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in Log Management functionality in Synology DiskStation Manager DSM before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecified vectors. This plugin only works with Tenable.ot...
Synology DiskStation Manager (DSM) 6.2.x < 6.2.4-25556-3, 7.x < 7.0.1-42218-2 Multiple Vulnerabilities (Synology-SA-22:01) - Remote Known Vulnerable Versions Check
Synology DiskStation Manager DSM is prone to a OS command injection vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2021-43925
Event: CVE-2021-43925 affects Synology DiskStation Manager (DSM) Log Management. Root cause: improper neutralization of special elements used in an SQL command, enabling SQL injection. Affected: DSM versions before 7.0.1-42218-2. Impact: remote attackers can inject SQL commands via unspecified ve...