Vulnerabilities > CVE-2021-27646 - Use After Free vulnerability in Synology Diskstation Manager

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

synology

CWE-416

critical

NVD

Published: 2021-03-12

Updated: 2021-03-26

Summary

Use After Free vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to execute arbitrary code via crafted web requests.

Vulnerable Configurations

Part	Description	Count
Application	Synology Synology Diskstation Manager - Synology Diskstation Manager 3.0 Synology Diskstation Manager 4.0 Synology Diskstation Manager 4.0-2259 Synology Diskstation Manager 4.2 Synology Diskstation Manager 4.2-3243 Synology Diskstation Manager 4.3 Synology Diskstation Manager 4.3-3810 Synology Diskstation Manager 5.2 Synology Diskstation Manager 5.2-5565 Synology Diskstation Manager 5.2-5565-1 Synology Diskstation Manager 5.2-5565-2 Synology Diskstation Manager 5.2-5592 Synology Diskstation Manager 5.2-5592-1 Synology Diskstation Manager 5.2-5592-2 Synology Diskstation Manager 5.2-5592-3 Synology Diskstation Manager 5.2-5592-4 Synology Diskstation Manager 5.2-5620 Synology Diskstation Manager 5.2-5644 Synology Diskstation Manager 5.2-5644-1 Synology Diskstation Manager 5.2-5644-2 Synology Diskstation Manager 5.2-5644-3 Synology Diskstation Manager 5.2-5644-5 Synology Diskstation Manager 5.2-5644-8 Synology Diskstation Manager 5.2-5967 Synology Diskstation Manager 5.2-5967-1 Synology Diskstation Manager 5.2-5967-2 Synology Diskstation Manager 5.2-5967-3 Synology Diskstation Manager 5.2-5967-4 Synology Diskstation Manager 5.2-5967-5 Synology Diskstation Manager 5.2-5967-6 Synology Diskstation Manager 5.2-5967-7 Synology Diskstation Manager 5.2-5967-8 Synology Diskstation Manager 5.2-5967-9 Synology Diskstation Manager 6.0 Synology Diskstation Manager 6.0-7321 Synology Diskstation Manager 6.0-7321-1 Synology Diskstation Manager 6.0-7321-2 Synology Diskstation Manager 6.0-7321-3 Synology Diskstation Manager 6.0-7321-5 Synology Diskstation Manager 6.0-7321-6 Synology Diskstation Manager 6.0.1-7393 Synology Diskstation Manager 6.0.1-7393-1 Synology Diskstation Manager 6.0.1-7393-2 Synology Diskstation Manager 6.0.2-8451 Synology Diskstation Manager 6.0.2-8451-1 Synology Diskstation Manager 6.0.2-8451-2 Synology Diskstation Manager 6.0.2-8451-3 Synology Diskstation Manager 6.0.2-8451-4 Synology Diskstation Manager 6.0.2-8451-5 Synology Diskstation Manager 6.0.2-8451-6 Synology Diskstation Manager 6.0.2-8451-7 Synology Diskstation Manager 6.0.2-8451-8 Synology Diskstation Manager 6.0.2-8451-9 Synology Diskstation Manager 6.0.2-8451-10 Synology Diskstation Manager 6.0.3-8754 Synology Diskstation Manager 6.0.3-8754-1 Synology Diskstation Manager 6.0.3-8754-3 Synology Diskstation Manager 6.0.3-8754-4 Synology Diskstation Manager 6.0.3-8754-8 Synology Diskstation Manager 6.1 Synology Diskstation Manager 6.1-15047 Synology Diskstation Manager 6.1-15047-1 Synology Diskstation Manager 6.1-15047-2 Synology Diskstation Manager 6.1.1 Synology Diskstation Manager 6.1.1-15101 Synology Diskstation Manager 6.1.1-15101-1 Synology Diskstation Manager 6.1.1-15101-2 Synology Diskstation Manager 6.1.1-15101-3 Synology Diskstation Manager 6.1.1-15101-4 Synology Diskstation Manager 6.1.2-15132 Synology Diskstation Manager 6.1.2-15132-1 Synology Diskstation Manager 6.1.3-15152 Synology Diskstation Manager 6.1.3-15152-1 Synology Diskstation Manager 6.1.3-15152-3 Synology Diskstation Manager 6.1.3-15152-4 Synology Diskstation Manager 6.1.3-15152-5 Synology Diskstation Manager 6.1.3-15152-6 Synology Diskstation Manager 6.1.3-15152-7 Synology Diskstation Manager 6.1.3-15152-8 Synology Diskstation Manager 6.1.4-15217 Synology Diskstation Manager 6.1.4-15217-1 Synology Diskstation Manager 6.1.4-15217-2 Synology Diskstation Manager 6.1.4-15217-3 Synology Diskstation Manager 6.1.4-15217-4 Synology Diskstation Manager 6.1.4-15217-5 Synology Diskstation Manager 6.1.6-15266 Synology Diskstation Manager 6.1.7-15284 Synology Diskstation Manager 6.1.7-15284-1 Synology Diskstation Manager 6.1.7-15284-2 Synology Diskstation Manager 6.1.7-15284-3 Synology Diskstation Manager 6.2 Synology Diskstation Manager 6.2-23739 Synology Diskstation Manager 6.2-23739-1 Synology Diskstation Manager 6.2-23739-2 Synology Diskstation Manager 6.2.1 Synology Diskstation Manager 6.2.1-23824 Synology Diskstation Manager 6.2.1-23824-1 Synology Diskstation Manager 6.2.1-23824-2 Synology Diskstation Manager 6.2.1-23824-3 Synology Diskstation Manager 6.2.1-23824-4 Synology Diskstation Manager 6.2.1-23824-5 Synology Diskstation Manager 6.2.1-23824-6 Synology Diskstation Manager 6.2.2-24922 Synology Diskstation Manager 6.2.3-25426-2	106

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References