CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-2729
https://notcve.org/view.php?id=CVE-2023-2729
13 Jun 2023 — Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager (DSM) before 7.2-64561 allows remote attackers to obtain user credential via unspecified vectors. • https://www.synology.com/en-global/security/advisory/Synology_SA_23_07 •
CVSS: 8.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-0142
https://notcve.org/view.php?id=CVE-2023-0142
13 Jun 2023 — Uncontrolled search path element vulnerability in Backup Management Functionality in Synology DiskStation Manager (DSM) before 7.1-42661 allows remote authenticated users to read or write arbitrary files via unspecified vectors. Uncontrolled search path element vulnerability in Backup Management functionality in Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.0.1-42218-7 and 7.1-42661 allows remote authenticated users with administrator privileges to read or write arbitrary files via unspecified ... • https://www.synology.com/en-global/security/advisory/Synology_SA_23_05 • CWE-427: Uncontrolled Search Path Element •