Diskstation Manager@* Security Vulnerabilities and Issues — Diskstation Manager@* CVE List

Lucene search

SynologyDiskstation Manager*

7 matches found

CVE•added 2022/10/25 5:15 p.m.•92 views

CVE-2022-27622

Server-Side Request Forgery (SSRF) vulnerability in Package Center functionality in Synology DiskStation Manager (DSM) before 7.1-42661 allows remote authenticated users to access intranet resources via unspecified vectors.

4.3CVSS5.2AI score0.00201EPSS

CVE•added 2022/10/20 6:15 a.m.•79 views

CVE-2022-27626

A vulnerability regarding concurrent execution using shared resource with improper synchronization ('Race Condition') is found in the session processing functionality of Out-of-Band (OOB) Management. This allows remote attackers to execute arbitrary commands via unspecified vectors. The following m...

10CVSS9.2AI score0.02379EPSS

CVE•added 2022/10/20 6:15 a.m.•64 views

CVE-2022-27624

A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the packet decryption functionality of Out-of-Band (OOB) Management. This allows remote attackers to execute arbitrary commands via unspecified vectors. The following models with Synology D...

10CVSS9.7AI score0.01455EPSS

CVE•added 2022/07/28 7:15 a.m.•63 views

CVE-2022-22684

Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in task management component in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows remote authenticated users to execute arbitrary commands via unspecified vectors.

8.8CVSS8.7AI score0.01811EPSS

CVE•added 2022/10/25 5:15 p.m.•57 views

CVE-2022-27623

Missing authentication for critical function vulnerability in iSCSI management functionality in Synology DiskStation Manager (DSM) before 7.1-42661 allows remote attackers to read or write arbitrary files via unspecified vectors.

9.1CVSS9.2AI score0.00549EPSS

CVE•added 2022/10/20 6:15 a.m.•57 views

CVE-2022-3576

A vulnerability regarding out-of-bounds read is found in the session processing functionality of Out-of-Band (OOB) Management. This allows remote attackers to obtain sensitive information via unspecified vectors. The following models with Synology DiskStation Manager (DSM) versions before 7.1.1-429...

7.5CVSS8.2AI score0.00319EPSS

CVE•added 2022/10/20 6:15 a.m.•46 views

CVE-2022-27625

A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the message processing functionality of Out-of-Band (OOB) Management. This allows remote attackers to execute arbitrary commands via unspecified vectors. The following models with Synology ...

10CVSS9.7AI score0.01455EPSS