Synology DiskStation Manager (DSM)

53 CVEs affecting Synology DiskStation Manager (DSM). Latest disclosed: 2026-05-27. Critical: 7, High: 19.

Top CVEs affecting Synology DiskStation Manager (DSM)
| CVE | Severity | Score | Published | Summary |
| --- | --- | --- | --- | --- |
| CVE-2022-27624 | Critical | 10.0 | 2022-10-20 | A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the packet decryption functionality of Out-of-Ban… |
| CVE-2022-27625 | Critical | 10.0 | 2022-10-20 | A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the message processing functionality of Out-of-Ba… |
| CVE-2022-27626 | Critical | 10.0 | 2022-10-20 | A vulnerability regarding concurrent execution using shared resource with improper synchronization ('Race Condition') is found in the session processing functi… |
| CVE-2024-10441 | Critical | 9.8 | 2025-03-19 | Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Man… |
| CVE-2022-22687 | Critical | 9.8 | 2022-03-25 | Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in Authentication functionality in Synology DiskStation Manager (DSM) befo… |
| CVE-2021-27649 | Critical | 9.8 | 2021-06-23 | Use after free vulnerability in file transfer protocol component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to execute… |
| CVE-2024-45538 | Critical | 9.6 | 2025-12-04 | Cross-Site Request Forgery (CSRF) vulnerability in WebAPI Framework in Synology DiskStation Manager (DSM) before 7.2.1-69057-2 and 7.2.2-72806 and Synology Uni… |
| CVE-2022-22688 | High | 8.8 | 2022-03-25 | Improper neutralization of special elements used in a command ('Command Injection') vulnerability in File service functionality in Synology DiskStation Manager… |
| CVE-2017-15889 | High | 8.8 | 2017-12-04 | Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) before 5.2-5967-5 allows remote authenticated users to execute arbitrary com… |
| CVE-2021-29085 | High | 8.6 | 2021-06-23 | Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in file sharing management component in Synolo… |
| CVE-2020-27652 | High | 8.3 | 2020-10-29 | Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof server… |
| CVE-2020-27648 | High | 8.3 | 2020-10-29 | Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers t… |
| CVE-2018-8919 | High | 8.3 | 2018-12-24 | Information exposure vulnerability in SYNO.Core.Desktop.SessionData in Synology DiskStation Manager (DSM) before 6.1.6-15266 allows remote attackers to steal c… |
| CVE-2021-26563 | High | 8.2 | 2021-02-26 | Incorrect authorization vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows local users to execute arbitrary co… |
| CVE-2025-13392 | High | 8.1 | 2026-05-27 | Improper check for unusual or exceptional conditions vulnerability in SSO in Synology DiskStation Manager (DSM) before 7.2.2-72806-5 and 7.3.1-86003-1 (7.2.1-6… |
| CVE-2024-45539 | High | 7.5 | 2025-12-04 | Out-of-bounds write vulnerability in cgi components in Synology DiskStation Manager (DSM) before 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller… |
| CVE-2025-1021 | High | 7.5 | 2025-04-23 | Missing authorization vulnerability in synocopy in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3 allows remote attac… |
| CVE-2024-10444 | High | 7.5 | 2025-03-19 | Improper certificate validation vulnerability in the LDAP utilities in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3… |
| CVE-2021-29084 | High | 7.5 | 2021-06-23 | Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in Security Advisor report management componen… |
| CVE-2021-29087 | High | 7.5 | 2021-06-23 | Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology DiskStation Manager (DSM) before 6… |