Taewan Ha

#46905 of 53,632
5.4 Total CVSS
Vulnerabilities · 1
PT-2024-15867
5.4
2024-01-24
Synology · Synology Diskstation Manager · CVE-2024-0854
**Name of the Vulnerable Software and Affected Versions**

- Synology DiskStation Manager (DSM) versions prior to 6.2.4-25556-8
- Synology DiskStation Manager (DSM) versions prior to 7.0.1-42218-7
- Synology DiskStation Manager (DSM) versions prior to 7.1.1-42962-7
- Synology DiskStation Manager (DSM) versions prior to 7.2.1-69057-2

**Description**

The issue is related to a URL redirection to an untrusted site, also known as an 'Open Redirect' vulnerability, in the file access component. This allows remote authenticated users to conduct phishing attacks via unspecified vectors.

**Recommendations**

- For versions prior to 6.2.4-25556-8, update to version 6.2.4-25556-8 or later.
- For versions prior to 7.0.1-42218-7, update to version 7.0.1-42218-7 or later.
- For versions prior to 7.1.1-42962-7, update to version 7.1.1-42962-7 or later.
- For versions prior to 7.2.1-69057-2, update to version 7.2.1-69057-2 or later.