Synology · Synology DiskStation Manager · CVE-2023-0142
**Name of the Vulnerable Software and Affected Versions**
Synology DiskStation Manager (DSM) versions 6.2.4-25556-7 and earlier, 7.0.1-42218-6 and earlier
Synology DiskStation Manager (DSM) version 7.1-42660 and earlier
**Description**
The issue allows remote authenticated users with administrator privileges to read or write arbitrary files via unspecified vectors. This is due to an uncontrolled search path element vulnerability in the Backup Management functionality.
**Recommendations**
For Synology DiskStation Manager (DSM) versions 6.2.4-25556-7 and earlier, update to version 6.2.4-25556-8 or later.
For Synology DiskStation Manager (DSM) versions 7.0.1-42218-6 and earlier, update to version 7.0.1-42218-7 or later.
For Synology DiskStation Manager (DSM) version 7.1-42660 and earlier, update to version 7.1-42661 or later.