Synology-SA-19:37 DSM
Publish Time: 2019-11-05 15:29:10 UTC+8
Last Updated: 2020-10-15 14:15:12 UTC+8
- Severity
- Important
- Status
- Accepted
Abstract
Multiple vulnerabilities allow remote authenticated users to execute arbitrary commands or conduct denial-of-service attacks, or allow remote attackers to delete arbitrary files via a susceptible version of DiskStation Manager (DSM).
Affected Products
| Product | Severity | Fixed Release Availability |
|---|---|---|
| DSM 6.2 | Important | Upgrade to 6.2.2-24922-4 or above. |
| SkyNAS | Moderate | Upgrade to 6.2.3-25426 or above. |
| VS960HD | Moderate | Ongoing |
Mitigation
None
Detail
Reserved
Acknowledgement
Qian Chen of Qihoo 360 Nirvan Team
Revision
| Revision | Date | Description |
|---|---|---|
| 1 | 2019-11-05 | Initial public release. |
| 2 | 2020-10-15 | Update for SkyNAS is now available in Affected Products. |