EIP-2026-100907

PRE-CVE

Synology StorageManager 5.2 - Root Remote Command Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100907. PoCs published by SecuriTeam.

AI-analyzed exploit summary: This exploit leverages an unsanitized input vulnerability in Synology StorageManager's smart.cgi to achieve remote command execution as root via command injection. The PoC demonstrates chaining commands using backticks to execute arbitrary commands on the target system.

Description

Synology StorageManager 5.2 - Root Remote Command Execution

Exploits (1)

exploitdb WORKING POC
by SecuriTeam · python · webapps · cgi
https://www.exploit-db.com/exploits/43190

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Synology StorageManager <= 5.2-5967-5
No auth needed
Prerequisites: Network access to the target Synology NAS · Vulnerable version of StorageManager
devstral-2 · analyzed Feb 16, 2026

Details

Status: pre_cve
Tracked Since: Feb 18, 2026