Seems like there is a more localized page available for your location.
Store

Résumé du panier ()

Total (undefined articles)TVA incluse undefined%. Les frais de port seront calculés lors du paiement.

Continuer mes achats

Série Bee de Synology
Produits de A à Z
Store

Important Information Regarding PHPMailer Vulnerability (CVE-2016-10033)

Publish Time: UTC+8

Last Updated: UTC+8

Severity
Low
Status
Resolved

Description

A PHPMailer vulnerability (CVE-2016-10033) in which remote code execution could be performed via command injection has been revealed. However, after further investigation, it has been confirmed that Synology NAS is not affected because we do not employ vulnerable implementation of PHPMailer.

For precautionary purposes, Synology is now working on a DSM 6.0 update to address this issue.

Severity

Low

Update Availability

Synology will release a DSM 6.0 update (6.0.2-8451-8) and SRM 1.1.3 to address this issue in the coming weeks.

References

https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html
https://github.com/opsxcq/exploit-CVE-2016-10033
https://github.com/PHPMailer/PHPMailer/commit/4835657cd639fbd09afd33307cef164edf807cdc