PT-2025-49025 · Synology · Synology Unified Controller+1
Steven Lin
·
Published
2025-12-04
·
Updated
2025-12-09
·
CVE-2024-45539
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Synology DiskStation Manager (DSM) versions prior to 7.2.1-69057-2
Synology DiskStation Manager (DSM) versions prior to 7.2.2-72806
Synology Unified Controller (DSMUC) versions prior to 3.1.4-23079
Description
An out-of-bounds write issue exists in the cgi components of the software. This condition allows remote attackers to potentially cause a denial-of-service.
Recommendations
Update Synology DiskStation Manager (DSM) to version 7.2.1-69057-2 or later.
Update Synology DiskStation Manager (DSM) to version 7.2.2-72806 or later.
Update Synology Unified Controller (DSMUC) to version 3.1.4-23079 or later.
Fix
DoS
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Synology Diskstation Manager
Synology Unified Controller