Synology Media_server
6 CVEs affecting Synology Media_server. Latest disclosed: 2024-12-18. Critical: 1, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-22683 | Critical | 10.0 | 2022-07-28 | Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote… |
CVE-2024-4464 | High | 7.5 | 2024-12-18 | Authorization bypass through user-controlled key vulnerability in streaming service in Synology Media Server before 1.4-2680, 2.0.5-3152 and 2.2.0-3325 allows… |
CVE-2021-33180 | High | 7.3 | 2021-06-01 | Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in cgi component in Synology Media Server before 1.8.1-2876… |
CVE-2018-8914 | High | 7.3 | 2018-05-10 | SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-2654 allows remote attackers to execute arbitrary SQL command… |
CVE-2021-34808 | Medium | 5.8 | 2021-06-18 | Server-Side Request Forgery (SSRF) vulnerability in cgi component in Synology Media Server before 1.8.3-2881 allows remote attackers to access intranet resourc… |
CVE-2022-27614 | Medium | 5.3 | 2022-07-28 | Exposure of sensitive information to an unauthorized actor vulnerability in web server in Synology Media Server before 1.8.1-2876 allows remote attackers to ob… |