Synology Schwachstellen

Zeitverlauf

Typ

Network Attached Storage Software	110
Not Defined	94
Router Operating System	25
Calendar Software	11
Network Encryption Software	4

Produkt

Synology DiskStation Manager	72
Synology Photo Station	36
Synology Router Manager	25
Synology Surveillance Station	15
Synology Calendar	11

Massnahmen

Official Fix	236
Temporary Fix	0
Workaround	2
Unavailable	3
Not Defined	11

Ausnutzbarkeit

High	5
Functional	0
Proof-of-Concept	21
Unproven	1
Not Defined	225

Zugriffsart

Not Defined	0
Physical	0
Local	15
Adjacent	5
Network	232

Authentisierung

Not Defined	0
High	19
Low	127
None	106

Benutzeraktivität

Not Defined	0
Required	31
None	221

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	10
≤5	51
≤6	73
≤7	46
≤8	44
≤9	19
≤10	9

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	16
≤5	49
≤6	78
≤7	55
≤8	33
≤9	13
≤10	8

VulDB

≤1	0
≤2	0
≤3	4
≤4	34
≤5	55
≤6	51
≤7	56
≤8	36
≤9	7
≤10	9

NVD

≤1	0
≤2	0
≤3	0
≤4	2
≤5	12
≤6	39
≤7	26
≤8	26
≤9	31
≤10	18

CNA

≤1	0
≤2	0
≤3	0
≤4	1
≤5	17
≤6	27
≤7	24
≤8	20
≤9	9
≤10	10

Hersteller

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	27
<2k	160
<5k	65
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploit heute

<1k	252
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Exploitmarktvolumen

🔴 CTI Aktivitäten

Affected Products (57): Android Moments (1), Antivirus Essential (1), Application Service (2), Assistant (1), Audio Station (4), BC500 (1), Calendar (11), CardDAV Server (3), Chat (3), Cloud Station (1), Cloud Station Drive (1), DNS Server (2), DS107 (1), DS116 (1), DS3622xs+ (4), DSM (8), DS audio (1), DS file (1), DS photo+ (1), DiskStation (1), DiskStation Manager (72), Docker (1), Download Station (8), Drive (4), Dsm (1), FS3410 (4), File Station (3), HD6500 (4), MailPlus Server (3), Mail Station (1), Media Server (4), Moments (1), NAS (1), Note Station (4), Note Station Client (1), Office (3), Photo Station (36), Photo Station Uploader (1), Presto File Server (2), QTS (1), QuTS Hero (1), QuTScloud (1), RT6600ax (1), Router Manager (25), SSL VPN Client (3), SSO Server (2), SafeAccess (2), Storage Analyzer (1), Surveillance Station (15), Surveillance Station Pro (2), TC500 (1), USB Copy (1), Universal Search (1), VPN Plus Server (1), Video Station (5), WebDAV Server (1), Web Station (1)

Link to Vendor Website: https://www.synology.com/

Veröffentlicht	Base	Temp	Schwachstelle	Prod	Aus	Mas	EPSS	CTI	CVE
28.03.2024	6.0	5.9	Synology Surveillance Station WebAPI GetStmUrlPath erweiterte Rechte	Unbekannt	Not Defined	Official Fix	0.00043	0.00	CVE-2024-29228
28.03.2024	8.1	7.9	Synology Surveillance Station WebAPI erweiterte Rechte	Unbekannt	Not Defined	Official Fix	0.00043	0.03	CVE-2024-29241
28.03.2024	4.3	4.2	Synology Surveillance Station WebAPI LayoutSave erweiterte Rechte	Unbekannt	Not Defined	Official Fix	0.00043	0.00	CVE-2024-29240
28.03.2024	5.9	5.7	Synology Surveillance Station WebAPI Recording.CountByCategory SQL Injection	Unbekannt	Not Defined	Official Fix	0.00043	0.05	CVE-2024-29239
28.03.2024	5.9	5.7	Synology Surveillance Station WebAPI Log.CountByCategory SQL Injection	Unbekannt	Not Defined	Official Fix	0.00043	0.00	CVE-2024-29238
28.03.2024	5.9	5.7	Synology Surveillance Station WebAPI ActionRule.Delete SQL Injection	Unbekannt	Not Defined	Official Fix	0.00043	0.00	CVE-2024-29237
28.03.2024	5.9	5.7	Synology Surveillance Station WebAPI AudioPattern.Delete SQL Injection	Unbekannt	Not Defined	Official Fix	0.00043	0.00	CVE-2024-29236
28.03.2024	5.9	5.7	Synology Surveillance Station WebAPI Layout.LayoutSave SQL Injection	Unbekannt	Not Defined	Official Fix	0.00043	0.00	CVE-2024-29227
28.03.2024	5.9	5.7	Synology Surveillance Station WebAPI IOModule.EnumLog SQL Injection	Unbekannt	Not Defined	Official Fix	0.00043	0.00	CVE-2024-29235
28.03.2024	5.9	5.7	Synology Surveillance Station WebAPI Group.Save SQL Injection	Unbekannt	Not Defined	Official Fix	0.00043	0.00	CVE-2024-29234
28.03.2024	5.9	5.7	Synology Surveillance Station WebAPI Emap.Delete SQL Injection	Unbekannt	Not Defined	Official Fix	0.00043	0.00	CVE-2024-29233
28.03.2024	5.9	5.7	Synology Surveillance Station WebAPI Alert.Enum SQL Injection	Unbekannt	Not Defined	Official Fix	0.00043	0.03	CVE-2024-29232
28.03.2024	5.9	5.7	Synology Surveillance Station WebAPI UserPrivilege.Enum Pufferüberlauf	Unbekannt	Not Defined	Official Fix	0.00043	0.00	CVE-2024-29231
28.03.2024	5.9	5.7	Synology Surveillance Station WebAPI SnapShot.CountByCategory SQL Injection	Unbekannt	Not Defined	Official Fix	0.00043	0.00	CVE-2024-29230
28.03.2024	6.0	5.9	Synology Surveillance Station WebAPI GetLiveViewPath erweiterte Rechte	Unbekannt	Not Defined	Official Fix	0.00043	0.03	CVE-2024-29229
24.01.2024	4.3	4.3	Synology DiskStation Manager File Access Redirect	Network Attached Storage Software	Not Defined	Official Fix	0.00047	0.02	CVE-2024-0854
17.01.2024	7.5	7.2	Synology RT6600ax Qualcomm LDB Service erweiterte Rechte	Unbekannt	Not Defined	Official Fix	0.00121	0.06	CVE-2024-21473
25.10.2023	4.0	4.0	Synology SSL VPN Client CGI Pufferüberlauf	Network Encryption Software	Not Defined	Official Fix	0.00042	0.00	CVE-2023-5748
25.10.2023	8.0	7.9	Synology BC500/TC500 CGI Format String	Unbekannt	Not Defined	Official Fix	0.00114	0.00	CVE-2023-5746
31.08.2023	5.3	5.2	Synology Router Manager CGI Information Disclosure	Router Operating System	Not Defined	Official Fix	0.00116	0.00	CVE-2023-41741
31.08.2023	7.7	7.6	Synology Router Manager erweiterte Rechte	Router Operating System	Not Defined	Official Fix	0.00130	0.03	CVE-2023-41738
31.08.2023	5.3	5.2	Synology Router Manager CGI Directory Traversal	Router Operating System	Not Defined	Official Fix	0.00093	0.02	CVE-2023-41740
31.08.2023	5.4	5.4	Synology Router Manager Denial of Service	Router Operating System	Not Defined	Official Fix	0.00093	0.00	CVE-2023-41739
13.06.2023	5.7	5.7	Synology DiskStation Manager User Management schwache Verschlüsselung	Network Attached Storage Software	Not Defined	Official Fix	0.00080	0.00	CVE-2023-2729
13.06.2023	7.0	6.9	Synology DiskStation Manager Backup Management erweiterte Rechte	Network Attached Storage Software	Not Defined	Official Fix	0.00052	0.02	CVE-2023-0142

227 weitere Einträge werden nicht mehr angezeigt

🔒 Login Required

You need to signup and login to see more of the remaining 227 results.

◂ ZurückÜbersichtWeiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!