CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

0day.today•added 2020/05/26 12:0 a.m.•86 views

Synology DiskStation Manager - smart.cgi Remote Command Execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule \d+&minor=?\d+&build=?\d+ &junior=\d+&unique=synology\w+?^&+/x.freeze def initializeinfo = super updateinfo info, 'Name' = 'Synology DiskStation...

8.8CVSS0.2AI score0.6238EPSS

Exploits5

0daydb•added 2020/05/25 2:9 p.m.•123 views

Synology DiskStation Manager smart.cgi - Remote Command Execution

This Metasploit module exploits a vulnerability found in Synology DiskStation Manager DSM versions prior to 5.2-5967-5... This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule \d+&minor=?\d+&build=?\d...

7.2CVSS0.2AI score0.6238EPSS

Exploits16

Metasploit•added 2020/05/19 10:39 p.m.•238 views

Synology DiskStation Manager smart.cgi Remote Command Execution

This module exploits a vulnerability found in Synology DiskStation Manager DSM versions \d+&minor=?\d+&build=?\d+ &junior=\d+&unique=synology\w+?^&+/x.freeze def initializeinfo = super updateinfo info, 'Name' = 'Synology DiskStation Manager smart.cgi Remote Command Execution', 'Description' = %q...

8.8CVSS7.7AI score0.6238EPSS

Exploits5

CNVD•added 2017/12/05 12:0 a.m.•1 views

Synology DiskStation Manager Command Injection Vulnerability

Synology DiskStation Manager DSM is an operating system for use on Network Storage Servers NAS from Synology. The operating system manages information such as data, files, photos, music, and more. A command injection vulnerability exists in the smart.cgi file in Synology DSM versions prior to...

8.8CVSS8.1AI score0.6238EPSS

Exploits5References1

OSV•added 2017/12/04 7:29 p.m.•0 views

CVE-2017-15889

Command injection vulnerability in smart.cgi in Synology DiskStation Manager DSM before 5.2-5967-5 allows remote authenticated users to execute arbitrary commands via disk field...

8.8CVSS6AI score

Exploits0References2

NVD•added 2017/12/04 7:29 p.m.•18 views

CVE-2017-15889

Command injection vulnerability in smart.cgi in Synology DiskStation Manager DSM before 5.2-5967-5 allows remote authenticated users to execute arbitrary commands via disk field...

8.8CVSS8.8AI score0.6238EPSS

Exploits5References2

CVE•added 2017/12/04 7:0 p.m.•123 views

CVE-2017-15889

CVE-2017-15889 is a command injection vulnerability in Synology DiskStation Manager (DSM) smart.cgi that affects DSM versions prior to 5.2-5967-5. An authenticated remote attacker can inject commands via the disk field, potentially executing arbitrary commands with root privileges. Public details...

8.8CVSS8.4AI score0.6238EPSS

Exploits5References2Affected Software1

Positive Technologies•added 2017/12/04 12:0 a.m.•1 views

PT-2017-14267 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 5.2-5967-5 Description: The issue allows remote authenticated users to execute arbitrary commands via the disk field in the smart.cgi script. This can be exploited by sending a malicious...

8.8CVSS8AI score0.6238EPSS

Exploits5References7

ATTACKERKB•added 2017/12/04 12:0 a.m.•22 views

CVE-2017-15889

Command injection vulnerability in smart.cgi in Synology DiskStation Manager DSM before 5.2-5967-5 allows remote authenticated users to execute arbitrary commands via disk field. Recent assessments: h00die at May 20, 2020 12:19pm UTC reported: AUTHENTICATED command execution in...

8.8CVSS3.2AI score0.6238EPSS

Exploits5References3

Packet Storm•added 2017/11/29 12:0 a.m.•39 views

Synology StorageManager 5.2 Remote Command Execution

''' SSD Advisory a Synology StorageManager smart.cgi Remote Command Execution Full report: https://blogs.securiteam.com/index.php/archives/3540 Twitter: @SecuriTeamSSD Weibo: SecuriTeamSSD i?Vulnerability Summary The following advisory describes a remote command execution vulnerability found in...

7.4AI score

Exploits0

seebug.org•added 2017/11/29 12:0 a.m.•117 views

Synology StorageManager smart.cgi Remote Command Execution

Vulnerability Summary The following advisory describes a remote command execution vulnerability found in Synology StorageManager. Storage Manager is “a management application that helps you organize and monitor the storage capacity on your Synology NAS. Depending on the model and number of...

7.3AI score

Exploits0

0day.today•added 2017/11/28 12:0 a.m.•148 views

Synology StorageManager 5.2 - Remote Root Command Execution Exploit

Exploit for cgi platform in category web applications ''' SSD Advisory – Synology StorageManager smart.cgi Remote Command Execution Full report: https://blogs.securiteam.com/index.php/archives/3540 Twitter: @SecuriTeamSSD Weibo: SecuriTeamSSD Vulnerability Summary The following advisory describes...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by