Synology Unified Controller (Dsmuc)
6 CVEs affecting Synology Unified Controller (Dsmuc). Latest disclosed: 2025-12-04. Critical: 2, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-10442 | Critical | 10.0 | 2025-03-19 | Off-by-one error vulnerability in the transmission component in Synology Replication Service before 1.0.12-0066, 1.2.2-0353 and 1.3.0-0423 and Synology Unified… |
CVE-2024-45538 | Critical | 9.6 | 2025-12-04 | Cross-Site Request Forgery (CSRF) vulnerability in WebAPI Framework in Synology DiskStation Manager (DSM) before 7.2.1-69057-2 and 7.2.2-72806 and Synology Uni… |
CVE-2024-45539 | High | 7.5 | 2025-12-04 | Out-of-bounds write vulnerability in cgi components in Synology DiskStation Manager (DSM) before 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller… |
CVE-2023-0142 | Medium | 6.5 | 2023-06-13 | Uncontrolled search path element vulnerability in Backup Management functionality in Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.0.1-42218-7 and… |
CVE-2023-2729 | Medium | 5.9 | 2023-06-13 | Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager (DSM) before 7.2-64561 allows remote attacke… |
CVE-2024-5401 | Medium | 4.3 | 2025-12-04 | Improper control of dynamically-managed code resources vulnerability in WebAPI component in Synology DiskStation Manager (DSM) before 7.1.1-42962-8 and 7.2.1-6… |