Synology-SA-25:02 Active Backup for Business
Publish Time: UTC+8
Last Updated: UTC+8
- Severity
- Moderate
- Status
- Resolved
Abstract
Multiple vulnerabilities allow remote authenticated users with administrator privileges to read/write/delete specific files.
Affected Products
| Product | Severity | Fixed Release Availability |
|---|---|---|
| Active Backup for Business for DSM 7.2 | Moderate | Upgrade to 2.7.1-23234 or above. |
| Active Backup for Business for DSM 7.1 | Moderate | Upgrade to 2.7.1-13234 or above. |
| Active Backup for Business for DSM 6.2 | Moderate | Upgrade to 2.7.1-3234 or above. |
Mitigation
None
Detail
CVE-2025-30028
- Severity: Important
- CVSS3 Base Score: 8.6
- CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
- A vulnerability in Active Backup for Business allows unauthorized remote attackers to read arbitrary files.
CVE-2024-47264
- Severity: Moderate
- CVSS3 Base Score: 4.9
- CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in agent-related functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users with administrator privileges to delete arbitrary files via unspecified vectors.
CVE-2024-47265
- Severity: Moderate
- CVSS3 Base Score: 6.5
- CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
- CWE-73: External Control of File Name or Path
- Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in encrypted share umount functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users to write specific files via unspecified vectors.
CVE-2024-47266
- Severity: Low
- CVSS3 Base Score: 2.7
- CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in share file list functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users with administrator privileges to read specific files containing non-sensitive information via unspecified vectors.
Acknowledgement
PSIRT
Zhao Runzi (赵润梓)
Reference
Revision
| Revision | Date | Description |
|---|---|---|
| 1 | 2025-02-11 | Initial public release. |
| 2 | 2025-02-13 | Disclosed vulnerability details. |
| 3 | 2025-09-16 | Disclosed vulnerability details. |
| 4 | 2026-05-27 | Disclosed vulnerability details. |