synology
352 tracked vulnerabilities.
CVE-2024-53285
MEDIUM
Synology Router Manager < 1.3.1-9346 - Authenticated Stored Cross-Site Scripting in DDNS Record Functionality
Dec 09, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-53284
MEDIUM
Synology Router Manager < 1.3.1-9346 - Authenticated Cross-Site Scripting in WiFi Connect Setting
Dec 09, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-53283
MEDIUM
Synology Router Manager < 1.3.1-9346-10 - Authenticated Cross-Site Scripting in Port Forward Functionality
Dec 09, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-53282
MEDIUM
Synology Router Manager < 1.3.1-9346 - Authenticated Cross-Site Scripting in WiFi Connect MAC Filter
Dec 09, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-53281
MEDIUM
Synology Router Manager < 1.3.1-9346 - Authenticated Cross-Site Scripting in Network WOL Functionality
Dec 09, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-53280
MEDIUM
Synology Router Manager < 1.3.1-9346 - Authenticated Cross-Site Scripting in Network Center Policy Route
Dec 09, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-53279
MEDIUM
Synology Router Manager < 1.3.1-9346 - Authenticated Cross-Site Scripting in File Station
Dec 09, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-11398
HIGH
Synology Router Manager <1.3.1-9346-9 - Path Traversal
Dec 04, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-10443
CRITICAL
NUCLEI
Synology Photos < 1.6.2-0720 and BeePhotos < 1.1.0-10053 - OS Command Injection in Task Manager
Nov 15, 2024
CVSS 9.8
EPSS 0.28
CVE-2024-39350
HIGH
Synology BC500 and TC500 Firmware < 1.0.7-0298 - Authentication Bypass via RTSP Spoofing
Jun 28, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-39348
HIGH
Synology Router Manager < 1.2.5-8227 - Remote Code Execution via AirPrint Functionality
Jun 28, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-39347
MEDIUM
Synology Router Manager 1.2-1.2.5-8227 - Incorrect Default Permissions in Firewall Functionality
Jun 28, 2024
CVSS 5.9
EPSS 0.01
CVE-2024-39352
MEDIUM
Synology BC500 and TC500 Firmware < 1.0.7-0298 - Authenticated Firmware Integrity Check Bypass
Jun 28, 2024
CVSS 4.9
EPSS 0.01
CVE-2024-39351
HIGH
Synology BC500 and TC500 Firmware < 1.0.7-0298 - Authenticated OS Command Injection via NTP Configuration
Jun 28, 2024
CVSS 7.2
EPSS 0.02
CVE-2024-39349
CRITICAL
Synology BC500 and TC500 Firmware < 1.0.7-0298 - Remote Code Execution via Buffer Overflow in libjansson
Jun 28, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-5463
MEDIUM
Synology BC500 and TC500 Firmware < 1.1.1-0383 - Classic Buffer Overflow in Login Component
Jun 04, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-29241
CRITICAL
Synology Surveillance Station < 9.2.0-9289 - Authenticated Missing Authorization in System WebAPI
Mar 28, 2024
CVSS 9.9
EPSS 0.01
CVE-2024-29240
MEDIUM
Synology Surveillance Station <9.2.0-11289,9.2.0-9289 - DoS
Mar 28, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-29239
MEDIUM
Synology Surveillance Station <9.2.0-11289,9.2.0-9289 - SQL Injection
Mar 28, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-29238
MEDIUM
Synology Surveillance Station <9.2.0-9289,9.2.0-11289 - SQL Injection
Mar 28, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-29237
MEDIUM
Synology Surveillance Station <9.2.0-11289,9.2.0-9289 - SQL Injection
Mar 28, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-29236
MEDIUM
Synology Surveillance Station <9.2.0-9289,9.2.0-11289 - SQL Injection
Mar 28, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-29235
MEDIUM
Synology Surveillance Station <9.2.0-11289,9.2.0-9289 - SQL Injection
Mar 28, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-29234
MEDIUM
Synology Surveillance Station <9.2.0-11289,9.2.0-9289 - SQL Injection
Mar 28, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-29233
MEDIUM
Synology Surveillance Station <9.2.0-9289,9.2.0-11289 - SQL Injection
Mar 28, 2024
CVSS 5.4
EPSS 0.01
Products
diskstation_manager 97
router_manager 59
photo_station 33
surveillance_station 25
vs960hd_firmware 22
diskstation_manager_unified_controller 20
skynas 16
Synology Photo Station 13
skynas_firmware 13
calendar 11
bc500_firmware 9
tc500_firmware 9
active_backup_for_business_agent 8
download_station 8
Surveillance Station 6
beedrive 6
drive_client 6
drive_server 6
media_server 6
video_station 6
dns_server 5
note_station 5
ssl_vpn_client 5
Photo Station 4
audio_station 4
beestation_os 4
directory_server 4
radius_server 4
DiskStation Manager (DSM) 3
carddav_server 3
Quick Filters