Diskstation Manager Security Vulnerabilities and Issues — Diskstation Manager CVE List

Lucene search

SynologyDiskstation Manager

3 matches found

CVE•added 2017/12/04 7:29 p.m.•112 views

CVE-2017-15889

Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) before 5.2-5967-5 allows remote authenticated users to execute arbitrary commands via disk field.

8.8CVSS8.4AI score0.6238EPSS

CVE•added 2017/12/08 4:29 p.m.•51 views

CVE-2017-15894

Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology DiskStation Manager (DSM) 6.0.x before 6.0.3-8754-3 and before 5.2-5967-6 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter.

6.5CVSS6.2AI score0.00296EPSS

CVE•added 2017/12/22 2:29 p.m.•45 views

CVE-2017-16766

An improper access control vulnerability in synodsmnotify in Synology DiskStation Manager (DSM) before 6.1.4-15217 and before 6.0.3-8754-6 allows local users to inject arbitrary web script or HTML via the -fn option.

6.5CVSS6.2AI score0.00242EPSS