Multiple vulnerabilities allow remote attackers to hijack web sessions and inject SQL commands via a susceptible version of Synology Drive Server. The vulnerability reported by PWN2OWN 2024 (ZDI-CAN-25613) has been addressed. Update of Synology Drive Server for DSM 7.1 will be published within 30 days.
Continue reading...
- - -
Synology Product Security Advisory: check the list
Source: synology.com
Continue reading...
- - -
Synology Product Security Advisory: check the list
Source: synology.com