Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
Today there were four Synology security advisories: USB Copy; SSO Server; Note Station Client; Storage Analyzer. The package vulnerabilities are through remote authorised users, while the Note Station Client is a man-in-the-middle vulnerability.
All but SSO Server on DSM 6.2 are mitigated by updates for DSM 7.1, 7.0, and 6.2. Also, all the package fixes were released in 2021, so it is most likely that you have been using the fixes for a year or so already. Note Station Client was fixed in March 2022, so best to check that you are using it.
2022-08-01
Mobile
2022-07-29
Utility
2022-07-27
Os
2022-07-21
ChromeApp
2022-07-20
Utility
2022-07-19
Package
Mobile
2022-07-12
Package
2022-07-07
Utility
2022-07-04
Package
2022-07-01
Package
2022-06-27
Package
2022-06-21
Mobile
2022-06-20
Package
2022-07-07
Utility
2022-07-06
Utility
Package
2022-07-04
Mobile
2022-06-30
Os
Mobile
2022-06-29
Package
2022-06-24
Package
2022-06-22
Utility
Package
2022-06-15
Package
2022-06-13
Utility
2022-06-10
Package
2022-06-27
Package
2022-06-24
Mobile
2022-06-21
Utility
Mobile
Mostly updates for SRM 1.3.1-9316 (Release Candidate), so not final, general release yet. So, as we say in English, caveat emptor
Also today...
Synology Security - Synology-SA-22:09 SRM
Multiple vulnerabilities allow remote authenticated users to inject SQL command or read and write arbitrary files via a susceptible version of Synology Router Manager (SRM). Continue reading... - - - Source: synology.comwww.synoforum.comThis vulnerability states it is for authenticated users on SRM, so that's people that are logged into SRM. Since the notice doesn't differentiate between users authenticated in SRM web portal, VPN Plus web portal, Cloud Station, network services (SMB, AFP, WebDAV, FTP, FTPS, SSH, or SFTP), or even a long shot RADIUS Server then I would just assume any authenticated user poses a risk. If you have limited user access to the router then you are probably ok to not jump onto this pre-release software.
2022-06-21
Mobile
2022-06-20
Os
2022-06-13
Utility
2022-06-09
Package
2022-06-06
Package
2022-05-17
Package
2022-06-20
Utility
2022-06-15
Package
Mobile
2022-06-13
Utility
2022-06-13
Utility
2022-06-10
Package
2022-06-06
Utility
2022-05-31
Package
2022-05-31
Package
2022-05-27
Package
2022-04-28
Package
2022-05-31
Utility
2022-05-29
Utility
2022-05-27
Os
2022-05-26
Mobile
We use essential cookies to make this site work, and optional cookies to enhance your experience.