Vulnerabilities > CVE-2021-26562 - Out-of-bounds Write vulnerability in Synology products

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

synology

CWE-787

NVD

Published: 2021-02-26

Updated: 2022-04-26

Summary

Out-of-bounds write vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary code via syno_finder_site HTTP header.

Vulnerable Configurations

Part	Description	Count
Application	Synology Synology Diskstation Manager - Synology Diskstation Manager 3.0 Synology Diskstation Manager 4.0 Synology Diskstation Manager 4.0-2259 Synology Diskstation Manager 4.2 Synology Diskstation Manager 4.2-3243 Synology Diskstation Manager 4.3 Synology Diskstation Manager 4.3-3810 Synology Diskstation Manager 5.2 Synology Diskstation Manager 5.2-5565 Synology Diskstation Manager 5.2-5565-1 Synology Diskstation Manager 5.2-5565-2 Synology Diskstation Manager 5.2-5592 Synology Diskstation Manager 5.2-5592-1 Synology Diskstation Manager 5.2-5592-2 Synology Diskstation Manager 5.2-5592-3 Synology Diskstation Manager 5.2-5592-4 Synology Diskstation Manager 5.2-5620 Synology Diskstation Manager 5.2-5644 Synology Diskstation Manager 5.2-5644-1 Synology Diskstation Manager 5.2-5644-2 Synology Diskstation Manager 5.2-5644-3 Synology Diskstation Manager 5.2-5644-5 Synology Diskstation Manager 5.2-5644-8 Synology Diskstation Manager 5.2-5967 Synology Diskstation Manager 5.2-5967-1 Synology Diskstation Manager 5.2-5967-2 Synology Diskstation Manager 5.2-5967-3 Synology Diskstation Manager 5.2-5967-4 Synology Diskstation Manager 5.2-5967-5 Synology Diskstation Manager 5.2-5967-6 Synology Diskstation Manager 5.2-5967-7 Synology Diskstation Manager 5.2-5967-8 Synology Diskstation Manager 5.2-5967-9 Synology Diskstation Manager 6.0 Synology Diskstation Manager 6.0-7321 Synology Diskstation Manager 6.0-7321-1 Synology Diskstation Manager 6.0-7321-2 Synology Diskstation Manager 6.0-7321-3 Synology Diskstation Manager 6.0-7321-5 Synology Diskstation Manager 6.0-7321-6 Synology Diskstation Manager 6.0.1-7393 Synology Diskstation Manager 6.0.1-7393-1 Synology Diskstation Manager 6.0.1-7393-2 Synology Diskstation Manager 6.0.2-8451 Synology Diskstation Manager 6.0.2-8451-1 Synology Diskstation Manager 6.0.2-8451-2 Synology Diskstation Manager 6.0.2-8451-3 Synology Diskstation Manager 6.0.2-8451-4 Synology Diskstation Manager 6.0.2-8451-5 Synology Diskstation Manager 6.0.2-8451-6 Synology Diskstation Manager 6.0.2-8451-7 Synology Diskstation Manager 6.0.2-8451-8 Synology Diskstation Manager 6.0.2-8451-9 Synology Diskstation Manager 6.0.2-8451-10 Synology Diskstation Manager 6.0.3-8754 Synology Diskstation Manager 6.0.3-8754-1 Synology Diskstation Manager 6.0.3-8754-3 Synology Diskstation Manager 6.0.3-8754-4 Synology Diskstation Manager 6.0.3-8754-8 Synology Diskstation Manager 6.1 Synology Diskstation Manager 6.1-15047 Synology Diskstation Manager 6.1-15047-1 Synology Diskstation Manager 6.1-15047-2 Synology Diskstation Manager 6.1.1 Synology Diskstation Manager 6.1.1-15101 Synology Diskstation Manager 6.1.1-15101-1 Synology Diskstation Manager 6.1.1-15101-2 Synology Diskstation Manager 6.1.1-15101-3 Synology Diskstation Manager 6.1.1-15101-4 Synology Diskstation Manager 6.1.2-15132 Synology Diskstation Manager 6.1.2-15132-1 Synology Diskstation Manager 6.1.3-15152 Synology Diskstation Manager 6.1.3-15152-1 Synology Diskstation Manager 6.1.3-15152-3 Synology Diskstation Manager 6.1.3-15152-4 Synology Diskstation Manager 6.1.3-15152-5 Synology Diskstation Manager 6.1.3-15152-6 Synology Diskstation Manager 6.1.3-15152-7 Synology Diskstation Manager 6.1.3-15152-8 Synology Diskstation Manager 6.1.4-15217 Synology Diskstation Manager 6.1.4-15217-1 Synology Diskstation Manager 6.1.4-15217-2 Synology Diskstation Manager 6.1.4-15217-3 Synology Diskstation Manager 6.1.4-15217-4 Synology Diskstation Manager 6.1.4-15217-5 Synology Diskstation Manager 6.1.6-15266 Synology Diskstation Manager 6.1.7-15284 Synology Diskstation Manager 6.1.7-15284-1 Synology Diskstation Manager 6.1.7-15284-2 Synology Diskstation Manager 6.1.7-15284-3 Synology Diskstation Manager 6.2 Synology Diskstation Manager 6.2-23739 Synology Diskstation Manager 6.2-23739-1 Synology Diskstation Manager 6.2-23739-2 Synology Diskstation Manager 6.2.1 Synology Diskstation Manager 6.2.1-23824 Synology Diskstation Manager 6.2.1-23824-1 Synology Diskstation Manager 6.2.1-23824-2 Synology Diskstation Manager 6.2.1-23824-3 Synology Diskstation Manager 6.2.1-23824-4 Synology Diskstation Manager 6.2.1-23824-5 Synology Diskstation Manager 6.2.1-23824-6 Synology Diskstation Manager 6.2.2-24922 Synology Diskstation Manager 6.2.3-25426-2	106
OS	Synology Synology Vs960Hd Firmware - Synology Skynas Firmware - Synology Diskstation Manager Unified Controller 3.0	3
Hardware	Synology Synology Vs960Hd - Synology Skynas - Synology Uc3200 -	3

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References