Download Station Security Vulnerabilities and Issues — Download Station CVE List

Lucene search

SynologyDownload Station

4 matches found

CVE•added 2021/06/18 3:15 a.m.•73 views

CVE-2021-34810

Improper privilege management vulnerability in cgi component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to execute arbitrary code via unspecified vectors.

9.9CVSS8.5AI score0.01108EPSS

CVE•added 2021/06/18 3:15 a.m.•67 views

CVE-2021-34811

Server-Side Request Forgery (SSRF) vulnerability in task management component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to access intranet resources via unspecified vectors.

5CVSS4.3AI score0.00116EPSS

CVE•added 2021/06/18 3:15 a.m.•66 views

CVE-2021-34809

Improper neutralization of special elements used in a command ('Command Injection') vulnerability in task management component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to execute arbitrary code via unspecified vectors.

9.9CVSS8.6AI score0.01637EPSS

CVE•added 2021/06/01 2:15 p.m.•37 views

CVE-2021-33184

Server-Side request forgery (SSRF) vulnerability in task management component in Synology Download Station before 3.8.15-3563 allows remote authenticated users to read arbitrary files via unspecified vectors.

7.7CVSS7AI score0.0015EPSS