PT-2025-30519 · Synology · Synology Router Manager
Published
2024-10-18
·
Updated
2025-07-23
·
CVE-2024-53286
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Synology Router Manager (SRM) versions prior to 1.3.1-9346-11
Description
A flaw exists in the DDNS Record functionality that allows remote authenticated users with administrator privileges to execute arbitrary code. The issue is due to improper neutralization of special elements used in an OS command.
Recommendations
Update Synology Router Manager to version 1.3.1-9346-11 or later.
Fix
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Synology Router Manager