Publish Time: 2018-12-21 17:58:09 UTC+8
Last Updated: 2019-01-04 17:50:23 UTC+8
Abstract
A vulnerability allows remote attackers to execute arbitrary code via a susceptible version of Synology Diskstation Manager (DSM) and Synology Router Manager (SRM).
Affected Products
Product | Severity | Fixed Release Availability |
---|---|---|
DSM 6.2 | Critical | Upgrade to 6.2.1-23824-4 or above. |
DSM 6.1 | Critical | Upgrade to 6.1.7-15284-3 or above. |
DSM 5.2 | Critical | Upgrade to 5.2-5967-9 or above. |
SkyNAS[1] | Critical | Please manually download and install version 6.1.7-15284-3. |
VS960HD | Critical | Upgrade to 2.3.3-1646 or above. |
SRM 1.2 | Important | Upgrade to 1.2-7742-5 or above. |
Mitigation
If you need immediate assistance, please contact Synology technical support via https://account.synology.com/support.
Detail
Reference
Revision
Revision | Date | Description |
---|---|---|
1 | 2018-12-21 | Initial public release. |
2 | 2018-12-21 | Update for DSM 6.2 is now available in Affected Products. |
3 | 2018-12-26 | Update for VS960HD is now available in Affected Products. |
4 | 2018-12-28 | Update for SRM 1.2 is now available in Affected Products. |
5 | 2019-01-02 | Update for DSM 6.1 and DSM 5.2 are now available in Affected Products. |
6 | 2019-01-04 | Update for SkyNAS is now available in Affected Products. |