Synology-SA-18:14 DSM
Publish Time: 2018-03-27 16:02:31 UTC+8
Last Updated: 2018-12-24 21:24:52 UTC+8
- Severity: Important
- Status: Resolved
Abstract
Multiple vulnerabilities allow remote attackers to steal credentials or inject arbitrary web script or HTML via a susceptible version of Synology DiskStation Manager (DSM).
Affected Products
Product | Severity | Fixed Release Availability |
---|---|---|
DSM 6.1 | Important | Upgrade to 6.1.6-15266 or above. |
DSM 6.0 | Important | Upgrade to 6.1.6-15266 or above. |
DSM 5.2 | Important | Upgrade to 6.1.6-15266 or above. |
Mitigation
None
Detail
CVE-2018-8917
- Severity: Moderate
- CVSS3 Base Score: 6.5
- CVSS3 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
- Cross-site scripting (XSS) vulnerability in info.cgi in Synology DiskStation Manager (DSM) before 6.1.6-15266 allows remote attackers to inject arbitrary web script or HTML via the host parameter.
CVE-2018-8919
- Severity: Important
- CVSS3 Base Score: 8.3
- CVSS3 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
- Information exposure vulnerability in SYNO.Core.Desktop.SessionData in Synology DiskStation Manager (DSM) before 6.1.6-15266 allows remote attackers to steal credentials via unspecified vectors.
CVE-2018-8920
- Severity: Moderate
- CVSS3 Base Score: 5.9
- CVSS3 Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
- Improper neutralization of escape vulnerability in Log Exporter in Synology DiskStation Manager (DSM) before 6.1.6-15266 allows remote attackers to inject arbitrary content to have an unspecified impact by exporting an archive in CSV format.
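The two injection classes above (CVE-2018-8917, untrusted input reaching an HTML sink; CVE-2018-8920, untrusted input reaching a CSV cell that spreadsheet software may evaluate as a formula) share one root cause: output that is not neutralized for the context it lands in. The example below is added here to illustrate the defensive pattern; it is not Synology's code and does not reflect how DSM's fix was implemented. The `FORMULA_TRIGGERS` list, the helper names, and the sample log rows are all assumptions constructed for this illustration.

```python
import csv
import html
import io

# Leading characters that make common spreadsheet software treat a cell as a
# formula rather than text. Constructed for this example from general CSV
# injection guidance; not taken from the advisory.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def neutralize_csv_cell(value) -> str:
    """Return a cell value that a spreadsheet will read as literal text.

    A leading single quote strips the formula meaning from the first
    character. Genuine negative numbers (e.g. "-5") are also prefixed; that
    is the accepted trade-off when the export must be safe to open blindly.
    """
    text = str(value)
    if text and text[0] in FORMULA_TRIGGERS:
        return "'" + text
    return text


def export_log_csv(rows) -> str:
    """Serialize log rows to CSV with every cell quoted and neutralized."""
    buf = io.StringIO()
    # QUOTE_ALL doubles any embedded quote, so a cell cannot close its own
    # field early or smuggle in a new column.
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    for row in rows:
        writer.writerow([neutralize_csv_cell(cell) for cell in row])
    return buf.getvalue()


def audit_csv_export(text: str) -> list:
    """Re-parse an export and list every cell that still starts with a
    formula trigger. An empty list means the export passed the check."""
    offenders = []
    for line_no, row in enumerate(csv.reader(io.StringIO(text)), start=1):
        for col_no, cell in enumerate(row, start=1):
            if cell and cell[0] in FORMULA_TRIGGERS:
                offenders.append((line_no, col_no, cell))
    return offenders


def render_host_html(host: str) -> str:
    """Embed an untrusted 'host' value in an HTML element body.

    html.escape with quote=True covers <, >, &, " and ', which is the correct
    encoding for an element body or a quoted attribute value. A script or URL
    context would need a different encoder, not this one.
    """
    return '<span class="host">%s</span>' % html.escape(host, quote=True)


# Constructed sample log rows; the second data row carries a formula-shaped
# user name and a message beginning with a minus sign.
SAMPLE_ROWS = [
    ["time", "user", "message"],
    ["2018-03-27 16:02:31", "admin", "login ok"],
    ["2018-03-27 16:03:10", "=SUM(1,2)", "-5 failed attempts"],
]


if __name__ == "__main__":
    exported = export_log_csv(SAMPLE_ROWS)
    print(exported)
    print("audit:", audit_csv_export(exported))
    print(render_host_html("<b>nas</b>"))
```

`audit_csv_export` is the check worth keeping in a test suite: it re-reads the file the same way a downstream consumer would, so it catches a regression in the export path regardless of how the neutralization is implemented.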
Acknowledgement
Xie Wei (解炜)
1N3@CrowdShield (https://crowdshield.com)
Taien Wang (https://www.linkedin.com/in/taienwang/)
Revision
Revision | Date | Description |
---|---|---|
1 | 2018-03-27 | Initial public release. |
2 | 2018-12-24 | Disclosed vulnerability details. |