Vulnerability Details CVE-2024-29241
Missing authorization vulnerability in System webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain non-sensitive information, write sensitive configurations in DSM, and reboot or shutdown NAS via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.3%
CVSS Severity
CVSS v3 Score 9.9
References
Products affected by CVE-2024-29241
-
cpe:2.3:a:synology:surveillance_station:6.0-2367
-
cpe:2.3:a:synology:surveillance_station:6.0-2383
-
cpe:2.3:a:synology:surveillance_station:6.0-2636
-
cpe:2.3:a:synology:surveillance_station:6.0-2713
-
cpe:2.3:a:synology:surveillance_station:6.0-2719
-
cpe:2.3:a:synology:surveillance_station:6.1-2941
-
cpe:2.3:a:synology:surveillance_station:6.1-2976
-
cpe:2.3:a:synology:surveillance_station:6.1-2983
-
cpe:2.3:a:synology:surveillance_station:6.2-3120
-
cpe:2.3:a:synology:surveillance_station:6.2-3141
-
cpe:2.3:a:synology:surveillance_station:6.2-3147
-
cpe:2.3:a:synology:surveillance_station:6.3-3341
-
cpe:2.3:a:synology:surveillance_station:6.3-3347
-
cpe:2.3:a:synology:surveillance_station:6.3-3364
-
cpe:2.3:a:synology:surveillance_station:6.3-3380
-
cpe:2.3:a:synology:surveillance_station:7.0-3742
-
cpe:2.3:a:synology:surveillance_station:7.0-3762
-
cpe:2.3:a:synology:surveillance_station:7.0-3775
-
cpe:2.3:a:synology:surveillance_station:7.0-3778
-
cpe:2.3:a:synology:surveillance_station:7.1-4056
-
cpe:2.3:a:synology:surveillance_station:7.1-4058
-
cpe:2.3:a:synology:surveillance_station:7.1-4080
-
cpe:2.3:a:synology:surveillance_station:7.1-4110
-
cpe:2.3:a:synology:surveillance_station:7.1-4122
-
cpe:2.3:a:synology:surveillance_station:7.1-4141
-
cpe:2.3:a:synology:surveillance_station:7.1-4146
-
cpe:2.3:a:synology:surveillance_station:7.1-4152
-
cpe:2.3:a:synology:surveillance_station:7.1-4155
-
cpe:2.3:a:synology:surveillance_station:7.2.0-4556
-
cpe:2.3:a:synology:surveillance_station:7.2.1-4602
-
cpe:2.3:a:synology:surveillance_station:7.2.2-4649
-
cpe:2.3:a:synology:surveillance_station:7.2.3-4664
-
cpe:2.3:a:synology:surveillance_station:7.2.4-4683
-
cpe:2.3:a:synology:surveillance_station:7.2.5-4696
-
cpe:2.3:a:synology:surveillance_station:7.2.6-4704
-
cpe:2.3:a:synology:surveillance_station:8.0.0-5122
-
cpe:2.3:a:synology:surveillance_station:8.0.0-5123
-
cpe:2.3:a:synology:surveillance_station:8.0.1-5128
-
cpe:2.3:a:synology:surveillance_station:8.0.2-5158
-
cpe:2.3:a:synology:surveillance_station:8.0.3-5159
-
cpe:2.3:a:synology:surveillance_station:8.0.4-5164
-
cpe:2.3:a:synology:surveillance_station:8.0.5-5190
-
cpe:2.3:a:synology:surveillance_station:8.0.6-5193
-
cpe:2.3:a:synology:surveillance_station:8.0.7-5199
-
cpe:2.3:a:synology:surveillance_station:8.1.0-5406
-
cpe:2.3:a:synology:surveillance_station:8.1.1-5408
-
cpe:2.3:a:synology:surveillance_station:8.1.2-5469
-
cpe:2.3:a:synology:surveillance_station:8.1.3-5473
-
cpe:2.3:a:synology:surveillance_station:8.1.4-5498
-
cpe:2.3:a:synology:surveillance_station:8.1.5-5513
-
cpe:2.3:a:synology:surveillance_station:8.1.6-5519
-
cpe:2.3:a:synology:surveillance_station:8.2.0-5761
-
cpe:2.3:a:synology:surveillance_station:8.2.1-5765
-
cpe:2.3:a:synology:surveillance_station:8.2.2-5766
-
cpe:2.3:a:synology:surveillance_station:8.2.3-5828
-
cpe:2.3:a:synology:surveillance_station:9.2.0-9289
-
cpe:2.3:o:synology:diskstation_manager:6.2
-
cpe:2.3:o:synology:diskstation_manager:7.1
-
cpe:2.3:o:synology:diskstation_manager:7.2