265
CVEs
40
Critical
95
High
0
KEV
42
PoC
118
Unpatched C/H
15.8%
Patch Rate
2.2%
Avg EPSS
Severity Breakdown
CRITICAL
40
HIGH
95
MEDIUM
123
LOW
7
Monthly CVE Trend
Affected Products (30)
Diskstation Manager
64
Photo Station
30
Router Manager
29
PHP
21
Diskstation Manager Unified Controller
18
Surveillance Station
15
Skynas Firmware
10
Calendar
9
Download Station
8
Tc500 Firmware
7
Bc500 Firmware
7
Vs960Hd Firmware
7
Media Server
6
Video Station
6
Drive Server
5
File Station
5
Note Station
5
Beedrive
4
Audio Station
4
Active Backup For Business Agent
3
Chat
3
Beestation Os
3
Carddav Server
3
Office
3
Presto File Server
2
Dns Server
2
Session Fixation
2
Ssl Vpn Client
2
OpenSSL
2
Safeaccess
2
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2013-6955 | webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 Update 1 allows remote attackers to append data to arbitrary files,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 83.3%. | CRITICAL | 10.0 | 83.3% | 168 |
PoC
No patch
|
| CVE-2017-15889 | Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) before 5.2-5967-5 allows remote authenticated users to execute arbitrary commands via disk field. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 62.4%. | HIGH | 8.8 | 62.4% | 141 |
PoC
No patch
|
| CVE-2017-9554 | An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to enumerate valid usernames via unspecified vectors. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 57.9%. | MEDIUM | 5.3 | 57.9% | 104 |
PoC
No patch
|
| CVE-2015-6912 | Synology Video Station before 1.5-0763 allows remote attackers to execute arbitrary shell commands via shell metacharacters in the subtitle_codepage parameter to subtitle.cgi. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 29.7%. | CRITICAL | 10.0 | 29.7% | 100 |
PoC
No patch
|
| CVE-2013-6987 | Multiple directory traversal vulnerabilities in the FileBrowser components in Synology DiskStation Manager (DSM) before 4.3-3810 Update 3 allow remote attackers to read, write, and delete arbitrary. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 30.2%. | HIGH | 7.5 | 30.2% | 88 |
PoC
No patch
|
| CVE-2017-11155 | An information exposure vulnerability in index.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to obtain sensitive system information via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 29.5%. | HIGH | 7.5 | 29.5% | 87 |
PoC
No patch
|
| CVE-2017-11153 | Deserialization vulnerability in synophoto_csPhotoMisc.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to gain administrator privileges via a crafted serialized. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 15.1%. | CRITICAL | 9.8 | 15.1% | 84 |
PoC
No patch
|
| CVE-2017-11151 | A vulnerability in synotheme_upload.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to upload arbitrary files without authentication via the logo_upload action. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.8%. | CRITICAL | 9.8 | 14.8% | 84 |
PoC
No patch
|
| CVE-2016-10329 | Command injection vulnerability in login.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to execute arbitrary code via shell metacharacters in the crafted 'X-Forwarded-For'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 11.3%. | CRITICAL | 9.8 | 11.3% | 80 |
PoC
No patch
|
| CVE-2017-11152 | Directory traversal vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to write arbitrary files via the path parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.1%. | HIGH | 7.5 | 14.1% | 72 |
PoC
No patch
|
| CVE-2020-27655 | Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to access restricted resources via inbound QuickConnect traffic. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 10.0 | 1.7% | 70 |
PoC
No patch
|
| CVE-2020-27654 | Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 4.6% | 69 |
PoC
No patch
|
| CVE-2020-27660 | SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.8 | 4.6% | 69 |
PoC
No patch
|
| CVE-2024-10443 | Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. | CRITICAL | 9.8 | 28.4% | 69 |
PoC
No patch
|
| CVE-2016-10322 | Synology Photo Station before 6.3-2958 allows remote authenticated guest users to execute arbitrary commands via shell metacharacters in the X-Forwarded-For HTTP header to photo/login.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 8.8 | 2.8% | 67 |
PoC
No patch
|