CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-50631

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to inject SQL commands, limited to write operations, via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.9%

CVSS Severity

CVSS v3 Score 7.5

References

https://www.synology.com/en-global/security/advisory/Synology_SA_24_21

Products affected by CVE-2024-50631

Synology » Drive Server » Version: 1.0.0-10240

cpe:2.3:a:synology:drive_server:1.0.0-10240
Synology » Drive Server » Version: 1.0.1-10253

cpe:2.3:a:synology:drive_server:1.0.1-10253
Synology » Drive Server » Version: 1.0.2-10275

cpe:2.3:a:synology:drive_server:1.0.2-10275
Synology » Drive Server » Version: 1.0.3-10281

cpe:2.3:a:synology:drive_server:1.0.3-10281
Synology » Drive Server » Version: 1.1.0-10544

cpe:2.3:a:synology:drive_server:1.1.0-10544
Synology » Drive Server » Version: 1.1.1-10551

cpe:2.3:a:synology:drive_server:1.1.1-10551
Synology » Drive Server » Version: 1.1.2-10562

cpe:2.3:a:synology:drive_server:1.1.2-10562
Synology » Drive Server » Version: 1.1.3-10570

cpe:2.3:a:synology:drive_server:1.1.3-10570
Synology » Drive Server » Version: 1.1.4-10580

cpe:2.3:a:synology:drive_server:1.1.4-10580
Synology » Drive Server » Version: 2.0.0-11050

cpe:2.3:a:synology:drive_server:2.0.0-11050
Synology » Drive Server » Version: 2.0.1-11061

cpe:2.3:a:synology:drive_server:2.0.1-11061
Synology » Drive Server » Version: 2.0.2-11076

cpe:2.3:a:synology:drive_server:2.0.2-11076
Synology » Drive Server » Version: 2.0.2-11078

cpe:2.3:a:synology:drive_server:2.0.2-11078
Synology » Drive Server » Version: 2.0.3-11102

cpe:2.3:a:synology:drive_server:2.0.3-11102
Synology » Drive Server » Version: 2.0.4-11112

cpe:2.3:a:synology:drive_server:2.0.4-11112
Synology » Drive Server » Version: 3.0.0-22663

cpe:2.3:a:synology:drive_server:3.0.0-22663
Synology » Drive Server » Version: 3.0.1-12667

cpe:2.3:a:synology:drive_server:3.0.1-12667
Synology » Drive Server » Version: 3.0.1-12674

cpe:2.3:a:synology:drive_server:3.0.1-12674
Synology » Drive Server » Version: 3.0.1-22667

cpe:2.3:a:synology:drive_server:3.0.1-22667
Synology » Drive Server » Version: 3.0.1-22674

cpe:2.3:a:synology:drive_server:3.0.1-22674
Synology » Drive Server » Version: 3.0.1-22675

cpe:2.3:a:synology:drive_server:3.0.1-22675
Synology » Drive Server » Version: 3.0.2-12682

cpe:2.3:a:synology:drive_server:3.0.2-12682
Synology » Drive Server » Version: 3.0.2-22682

cpe:2.3:a:synology:drive_server:3.0.2-22682
Synology » Drive Server » Version: 3.0.3-12689

cpe:2.3:a:synology:drive_server:3.0.3-12689
Synology » Drive Server » Version: 3.0.3-22689

cpe:2.3:a:synology:drive_server:3.0.3-22689
Synology » Drive Server » Version: 3.1.0-22920

cpe:2.3:a:synology:drive_server:3.1.0-22920
Synology » Drive Server » Version: 3.2.0-23232

cpe:2.3:a:synology:drive_server:3.2.0-23232
Synology » Drive Server » Version: 3.2.1-23271

cpe:2.3:a:synology:drive_server:3.2.1-23271
Synology » Drive Server » Version: 3.3.0-25082

cpe:2.3:a:synology:drive_server:3.3.0-25082
Synology » Drive Server » Version: 3.3.1-25084

cpe:2.3:a:synology:drive_server:3.3.1-25084
Synology » Drive Server » Version: 3.4.0-25721

cpe:2.3:a:synology:drive_server:3.4.0-25721
Synology » Drive Server » Version: 3.4.0-25724

cpe:2.3:a:synology:drive_server:3.4.0-25724
Synology » Drive Server » Version: 3.5.0-26084

cpe:2.3:a:synology:drive_server:3.5.0-26084
Synology » Drive Server » Version: 3.5.1-26101

cpe:2.3:a:synology:drive_server:3.5.1-26101

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-50631

Products

Pricing

Contact Us