Synology-SA-18:64 DSM
Publish Time: 2018-12-26 14:06:16 UTC+8
Last Updated: 2019-01-04 17:50:46 UTC+8
- Severity
- Critical
- Status
- Resolved
Abstract
A vulnerability allows remote attackers to execute arbitrary code via a susceptible version of Synology Diskstation Manager (DSM).
Affected Products
| Product | Severity | Fixed Release Availability |
|---|---|---|
| DSM 6.2 | Critical | Upgrade to 6.2.1-23824-4 or above. |
| DSM 6.1 | Critical | Upgrade to 6.1.7-15284-3 or above. |
| DSM 5.2 | Critical | Upgrade to 5.2-5967-9 or above. |
| SkyNAS[1] | Critical | Please manually download and install version 6.1.7-15284-3. |
| VS960HD | Not affected | N/A |
Mitigation
None
Detail
Reserved
Acknowledgement
Uriya Yavnieli from VDOO (https://vdoo.com)
Revision
| Revision | Date | Description |
|---|---|---|
| 1 | 2018-12-26 | Initial public release. |
| 2 | 2019-01-02 | Update for DSM 6.1 and DSM 5.2 are now available in Affected Products. |
| 3 | 2019-01-04 | Update for SkyNAS is now available in Affected Products. |