2 matches found
(Pwn2Own) Synology BeeStation BST150-4T SQL Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology BeeStation BST150-4T devices. Authentication is required to exploit this vulnerability. The specific flaw exists within the updatesettings command. The issue results from the lack ...
(Pwn2Own) Synology BeeStation BST150-4T Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology BeeStation BST150-4T devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of websocket requests. When parsing the...