PT-2025-24060 · Undefined · Undefined
Published
2025-06-06
·
Updated
2025-06-06
·
CVE-2025-5293
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
CVSS: 4.3
Impact
Loss of Availability
Loss of Confidentiality
Loss of Integrity
Description
A remote authenticated attacker can exploit a vulnerability in Synology DiskStation Manager and Synology Router Manager in order to manipulate files.
Affected Versions
Synology -> Synology Router Manager -> 1.3
Fixed Versions
Synology -> Diskstation Manager -> 4.15.13-2502
Synology -> Diskstation Manager -> 4.15.9-0644
Solution
Synology provides updates. Please update your installation and see the vendor's advisory to find the proper version suitable for your environment.
[https://www.synology.com/de-de/security/advisory/Synology SA 25 07](https://www.synology.com/de-de/security/advisory/Synology SA 25 07)
Reference
[https://www.synology.com/de-de/security/advisory/Synology SA 25 07](https://www.synology.com/de-de/security/advisory/Synology SA 25 07)
CVE-2025-5293
Details
Vulnerability #1
CVSSv3: 4.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)
Solution Date: -
Disclosure Date: 2025-06-05
CVE-ID: CVE-2025-5293
Description
A vulnerability exists in Synology DiskStation Manager and Synology Router Manager. This vulnerability stems from a flawed analysis of user permissions by the SMB service. A remote, authenticated attacker could exploit this to write files via the Server Message Block (SMB) service.
Technical Description
No technical description
Solution
No solution
Affected Versions
Synology -> Synology Router Manager -> 1.3
Fixed Versions
Synology -> Diskstation Manager -> 4.15.13-2502
Synology -> Diskstation Manager -> 4.15.9-0644
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Undefined