CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Synology: >> Diskstation Manager >> 4.0-2259 Security Vulnerabilities

CVE-2017-9553

A design flaw in SYNO.API.Encryption in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter.

CVSS Score

7.5

EPSS Score

0.001

Published

2017-07-24

CVE-2017-9554

An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to enumerate valid usernames via unspecified vectors.

CVSS Score

5.3

EPSS Score

0.64

Published

2017-07-24

CVE-2015-4655

Cross-site scripting (XSS) vulnerability in Synology DiskStation Manager (DSM) before 5.2-5565 Update 1 allows remote attackers to inject arbitrary web script or HTML via the "compound" parameter to entry.cgi.

CVSS Score

4.3

EPSS Score

0.003

Published

2015-06-18

Page 4

Vulnerabilities

Vulnerable Software

Synology: >> Diskstation Manager >> 4.0-2259 Security Vulnerabilities

Products

Pricing

Contact Us