Synology-SA-24:25 Surveillance Station
Publish Time: 2024-11-26 16:24:00 UTC+8
Last Updated: 2024-11-26 16:24:00 UTC+8
- Severity
- Moderate
- Status
- Resolved
Abstract
Multiple vulnerabilities allow remote authenticated users to inject arbitrary web script or HTML.
Multiple vulnerabilities allow remote authenticated users to obtain sensitive information.
Multiple vulnerabilities allow remote authenticated users with administrator privileges to read or write specific files.
Affected Products
| Product | Severity | Fixed Release Availability |
|---|---|---|
| Surveillance Station for DSM 7.2 | Moderate | Upgrade to 9.2.2-11575 or above. |
| Surveillance Station for DSM 7.1 | Moderate | Upgrade to 9.2.2-11575 or above. |
| Surveillance Station for DSM 6.2 | Moderate | Upgrade to 9.2.2-9575 or above. |
Mitigation
None
Detail
Reserved
Acknowledgement
Tim Coen (https://security-consulting.icu/)
Zhao Runzi (赵润梓)
李建申(https://lsr00ter.github.io)
Revision
| Revision | Date | Description |
|---|---|---|
| 1 | 2024-11-26 | Initial public release. |