7 matches found
CVE-2022-22679
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in support service management in Synology DiskStation Manager DSM before 7.0.1-42218-2 allows remote authenticated users to write arbitrary files via unspecified vectors...
PT-2022-11935 · Synology · Synology Diskstation Manager
Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 7.0.1-42218-2 Description: The issue is related to improper neutralization of special elements used in an SQL command, also known as SQL Injection, in the Log Management functionality. This...
PT-2022-15626 · Synology · Synology Diskstation Manager
Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 7.0.1-42218-2 Description: The issue allows remote attackers to obtain sensitive information via unspecified vectors, resulting in the exposure of sensitive information to unauthorized actors...
CVE-2022-22680
Exposure of sensitive information to an unauthorized actor vulnerability in Web Server in Synology DiskStation Manager DSM before 7.0.1-42218-2 allows remote attackers to obtain sensitive information via unspecified vectors...
CVE-2021-43925
Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in Log Management functionality in Synology DiskStation Manager DSM before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecified vectors...
CVE-2021-43926
Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in Log Management functionality in Synology DiskStation Manager DSM before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecified vectors...
CVE-2022-22679
Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in support service management in Synology DiskStation Manager DSM before 7.0.1-42218-2 allows remote authenticated users to write arbitrary files via unspecified vectors...