PT-2022-15630 · Synology · Synology Diskstation Manager

Published: 2022-07-28 · Updated: 2025-01-14 · CVE-2022-22684

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager (DSM) versions prior to 6.2.4-25553
Description: An OS command injection vulnerability (improper neutralization of special elements used in an OS command) in the task management component allows remote attackers to execute arbitrary commands via unspecified vectors.
Recommendations: Update versions prior to 6.2.4-25553 to version 6.2.4-25553 or later to resolve the issue. As a temporary workaround, consider restricting access to the task management component to minimize the risk of exploitation.

Fix

OS Command Injection

Weakness Enumeration

Related Identifiers

CVE-2022-22684

Affected Products

Synology Diskstation Manager