Synology-SA-21:25 DSM

Publish Time: 2021-08-31 15:10:26 UTC+8

Last Updated: 2022-12-07 17:24:14 UTC+8

Severity
Moderate
Status
Accepted

Abstract

Multiple vulnerabilities allow local users to execute arbitrary commands via a susceptible version of DiskStation Manager (DSM).

Affected Products

Product Severity Fixed Release Availability
DSM 7.0 Moderate Upgrade to 7.0.1-42214 or above.
DSM 6.2 Moderate Upgrade to 7.0.1-42214 or above.
DSMUC 3.1 Moderate Will not fix
VS Firmware 2.3 Moderate Will not fix

Mitigation

None

Detail

Reserved

Acknowledgement

cmj

Revision

Revision Date Description
1 2021-08-31 Initial public release.
2 2021-09-29 Update for DSM 6.2 is now available in Affected Products.