Synology-SA-21:25 DSM
Publish Time: 2021-08-31 15:10:26 UTC+8
Last Updated: 2022-12-07 17:24:14 UTC+8
- Severity
- Moderate
- Status
- Accepted
Abstract
Multiple vulnerabilities allow local users to execute arbitrary commands via a susceptible version of DiskStation Manager (DSM).
Affected Products
Product | Severity | Fixed Release Availability |
---|---|---|
DSM 7.0 | Moderate | Upgrade to 7.0.1-42214 or above. |
DSM 6.2 | Moderate | Upgrade to 7.0.1-42214 or above. |
DSMUC 3.1 | Moderate | Will not fix |
VS Firmware 2.3 | Moderate | Will not fix |
Mitigation
None
Detail
Reserved
Acknowledgement
cmj
Revision
Revision | Date | Description |
---|---|---|
1 | 2021-08-31 | Initial public release. |
2 | 2021-09-29 | Update for DSM 6.2 is now available in Affected Products. |