Media Server Security Vulnerabilities and Issues — Media Server CVE List

Lucene search

SynologyMedia Server

2 matches found

CVE•added 2018/05/10 1:29 p.m.•31 views

CVE-2018-8914

SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-2654 allows remote attackers to execute arbitrary SQL commands via the ObjectID parameter.

9.8CVSS9.9AI score0.00341EPSS

CVE•added 2021/06/01 2:15 p.m.•27 views

CVE-2021-33180

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

9.8CVSS9.8AI score0.00341EPSS