Seems like there is a more localized page available for your location.
Store

Résumé du panier ()

Total (undefined articles)TVA incluse undefined%. Les frais de port seront calculés lors du paiement.

Continuer mes achats

Série Bee de Synology
Produits de A à Z
Store

Important Information Regarding Roundcube Vulnerability (CVE-2016-9920)

Publish Time: UTC+8

Last Updated: UTC+8

Severity
Low
Status
Resolved

Description

A vulnerability of Roundcube (CVE-2016-9920) has been revealed where remote code execution could be performed via command injection. However, after further investigation, it has been confirmed that Synology NAS will remain unaffected as long as no manual modification was made to the configuration file of Mail Station.

For precautionary purposes, a newer version of Mail Station will be released to address this issue.

Severity

Low

Update Availability

Synology will release a Mail Station update to address this issue in the coming weeks.

References

https://roundcube.net/news/2016/11/28/updates-1.2.3-and-1.1.7-released
https://blog.ripstech.com/2016/roundcube-command-execution-via-email/