PT-2022-18528 · Synology · Synology DiskStation Manager

Cq674350529 +1 · Published 2022-10-25 · Updated 2025-01-14 · CVE-2022-27622

CVSS v3.1: 4.3 Medium

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Synology DiskStation Manager (DSM) versions prior to 7.1-42661

Description

A Server-Side Request Forgery (SSRF) issue in the Package Center functionality allows remote authenticated users to access intranet resources via unspecified vectors. This could potentially lead to unauthorized access to internal resources.

Recommendations

For versions prior to 7.1-42661, update to version 7.1-42661 or later to resolve the issue. As a temporary workaround, consider restricting access to the Package Center functionality to minimize the risk of exploitation.

Fix

SSRF

Weakness Enumeration

Related Identifiers

CVE-2022-27622

Affected Products

Synology DiskStation Manager