CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50629
https://notcve.org/view.php?id=CVE-2024-50629
19 Mar 2025 — Improper encoding or escaping of output vulnerability in the webapi component in Synology BeeStation Manager (BSM) before 1.1-65374, Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 and Synology Unified Controller (DSMUC) before 3.1.4-23079 allows remote attackers to read limited files via unspecified vectors. La vulnerabilidad de codificación o escape incorrecto de la salida en el componente webapi en Synology BeeStation Manager (BSM) ante... • https://www.synology.com/en-global/security/advisory/Synology_SA_24_20 • CWE-116: Improper Encoding or Escaping of Output •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2024-10445
https://notcve.org/view.php?id=CVE-2024-10445
19 Mar 2025 — Improper certificate validation vulnerability in the update functionality in Synology BeeStation Manager (BSM) before 1.1-65374, Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 and Synology Unified Controller (DSMUC) before 3.1.4-23079 allows remote attackers to write limited files via unspecified vectors. La vulnerabilidad de validación de certificado incorrecta en la funcionalidad de actualización en Synology BeeStation Manager (BSM) ant... • https://www.synology.com/en-global/security/advisory/Synology_SA_24_20 • CWE-295: Improper Certificate Validation •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 1CVE-2024-10441
https://notcve.org/view.php?id=CVE-2024-10441
19 Mar 2025 — Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeStation Manager (BSM) before 1.1-65374, Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 and Synology Unified Controller (DSMUC) before 3.1.4-23079 allows remote attackers to execute arbitrary code via unspecified vectors. La vulnerabilidad de codificación o escape incorrecto de la salida en system plugin daemon en Synology BeeStation Manager (B... • https://github.com/hazzzein/CVE-2024-10441 • CWE-116: Improper Encoding or Escaping of Output •
CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2024-10444
https://notcve.org/view.php?id=CVE-2024-10444
19 Mar 2025 — Improper certificate validation vulnerability in the LDAP utilities in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3 allows man-in-the-middle attackers to hijack the authentication of administrators via unspecified vectors. Una vulnerabilidad de validación de certificado incorrecta en las utilidades LDAP en Synology DiskStation Manager (DSM) anteriores a 7.1.1-42962-8, 7.2.1-69057-7 y 7.2.2-72806-3 permite a atacantes intermediarios secuestrar la autenticación de l... • https://www.synology.com/en-global/security/advisory/Synology_SA_25_01 • CWE-295: Improper Certificate Validation •