Skip to main content
ZDI-26-423 HIGH 8.8 Published Jul 15, 2026

Synology DiskStation DS925+ MailPlus Redis Weak Cryptography for Passwords Remote Code Execution Vulnerability

Synology

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation DS925+ devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8.

Related CVE

CVE-2025-15660

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy