Vulnerability Details CVE-2021-34808
Server-Side Request Forgery (SSRF) vulnerability in cgi component in Synology Media Server before 1.8.3-2881 allows remote attackers to access intranet resources via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.3%
CVSS Severity
CVSS v3 Score 5.8
CVSS v2 Score 5.0
References
Products affected by CVE-2021-34808
-
cpe:2.3:a:synology:media_server:-
-
cpe:2.3:a:synology:media_server:1.0-2260
-
cpe:2.3:a:synology:media_server:1.1-2325
-
cpe:2.3:a:synology:media_server:1.1-2327
-
cpe:2.3:a:synology:media_server:1.1-2406
-
cpe:2.3:a:synology:media_server:1.1-2407
-
cpe:2.3:a:synology:media_server:1.1-2411
-
cpe:2.3:a:synology:media_server:1.2-2489
-
cpe:2.3:a:synology:media_server:1.2-2491
-
cpe:2.3:a:synology:media_server:1.2-2492
-
cpe:2.3:a:synology:media_server:1.3-2575
-
cpe:2.3:a:synology:media_server:1.4
-
cpe:2.3:a:synology:media_server:1.4-2629
-
cpe:2.3:a:synology:media_server:1.4-2642
-
cpe:2.3:a:synology:media_server:1.4-2644
-
cpe:2.3:a:synology:media_server:1.4-2649
-
cpe:2.3:a:synology:media_server:1.4-2653
-
cpe:2.3:a:synology:media_server:1.4-2654
-
cpe:2.3:a:synology:media_server:1.5-2762
-
cpe:2.3:a:synology:media_server:1.6.0-2766
-
cpe:2.3:a:synology:media_server:1.6.1-2767
-
cpe:2.3:a:synology:media_server:1.6.2-2770
-
cpe:2.3:a:synology:media_server:1.7
-
cpe:2.3:a:synology:media_server:1.7.0-2810
-
cpe:2.3:a:synology:media_server:1.7.1-2810
-
cpe:2.3:a:synology:media_server:1.7.1-2820
-
cpe:2.3:a:synology:media_server:1.7.2-2830
-
cpe:2.3:a:synology:media_server:1.7.3-2841
-
cpe:2.3:a:synology:media_server:1.7.4-2852
-
cpe:2.3:a:synology:media_server:1.7.5-2854
-
cpe:2.3:a:synology:media_server:1.7.6-2842
-
cpe:2.3:a:synology:media_server:1.7.7-2855
-
cpe:2.3:a:synology:media_server:1.7.8-2844
-
cpe:2.3:a:synology:media_server:1.7.9-2858
-
cpe:2.3:a:synology:media_server:1.8.1-2876