Seems like there is a more localized page available for your location.

Résumé du panier ()

Série Bee de Synology
Produits de A à Z

Synology-SA-17:38 Chat

Publish Time: UTC+8

Last Updated: UTC+8

Severity
Important
Status
Resolved

Abstract

CVE-2017-11148 allows remote authenticated users to access intranet resources via a vulnerable Synology NAS running as Chat server.

Severity

Affected

  • Products
    • Chat before 1.1.0-0806
  • Models
    • All Synology models

Description

Server-side request forgery (SSRF) vulnerability in link preview in Synology Chat before 1.1.0-0806 allows remote authenticated users to access intranet resources via unspecified vectors.

Mitigation

None

Update Availability

To fix the security issue, please go to DSM > Package Center and update Chat to 1.1.0-0806 or above.