Synology Media Server 1.7.1-2820

CPE Details

Synology Media Server 1.7.1-2820
synology
media_server
1.7.1-2820
2018-06-12
12h56 +00:00
2018-06-12
12h56 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:synology:media_server:1.7.1-2820:*:*:*:*:*:*:*

Informations

Vendor

synology

Product

media_server

Version

1.7.1-2820

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-22683 2022-07-28 07h00 +00:00 Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary code via unspecified vectors.
10
Critical
CVE-2022-27614 2022-07-28 06h55 +00:00 Exposure of sensitive information to an unauthorized actor vulnerability in web server in Synology Media Server before 1.8.1-2876 allows remote attackers to obtain sensitive information via unspecified vectors.
7.5
High
CVE-2021-34808 2021-06-18 03h00 +00:00 Server-Side Request Forgery (SSRF) vulnerability in cgi component in Synology Media Server before 1.8.3-2881 allows remote attackers to access intranet resources via unspecified vectors.
5.8
Medium
CVE-2021-33180 2021-06-01 09h45 +00:00 Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
9.8
Critical
CVE-2018-8914 2018-05-10 13h00 +00:00 SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-2654 allows remote attackers to execute arbitrary SQL commands via the ObjectID parameter.
9.8
Critical