CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

synology

download_station

4 known vulnerabilities · sorted by CVSS score

CVE-2021-34810

CRITICAL9.9

Improper privilege management vulnerability in cgi component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to execute arbitrary code via unspecified vectors.

synology / download_station

Network

Published Jun 18, 2021

CVE-2021-34809

CRITICAL9.9

Improper neutralization of special elements used in a command ('Command Injection') vulnerability in task management component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to execute arbitrary code via unspecified vectors.

synology / download_station

Network

Published Jun 18, 2021

CVE-2021-33184

HIGH7.7

Server-Side request forgery (SSRF) vulnerability in task management component in Synology Download Station before 3.8.15-3563 allows remote authenticated users to read arbitrary files via unspecified vectors.

synology / download_station

Network

Published Jun 1, 2021

CVE-2021-34811

MEDIUM5.0

Server-Side Request Forgery (SSRF) vulnerability in task management component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to access intranet resources via unspecified vectors.

synology / download_station

Network

Published Jun 18, 2021