Synology: >> Diskstation Manager >> 6.1.6-15266 Security Vulnerabilities
Command injection vulnerability in EZ-Internet in Synology DiskStation Manager (DSM) before 6.2-23739 allows remote authenticated users to execute arbitrary command via the username parameter.
CVSS Score
7.2
EPSS Score
0.057
Published
2018-06-08
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVSS Score
5.6
EPSS Score
0.943
Published
2018-01-04
Page 4