Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Command injection vulnerability in EZ-Internet in Synology DiskStation Manager (DSM) before 6.2-23739 allows remote authenticated users to execute arbitrary command via the username parameter.
CVSS Information
N/A
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
Synology DiskStation Manager EZ-Internet 命令注入漏洞
Vulnerability Description
Synology DiskStation Manager(DSM)是群晖科技(Synology)公司的一套用于网络储存服务器(NAS)上的操作系统。该操作系统可管理资料、文件、照片、音乐等信息。EZ-Internet是其中的一个网络配置工具。 Synology DSM 6.2-23739之前版本中的EZ-Internet存在命令注入漏洞。远程攻击者可借助‘username’参数利用该漏洞执行任意的命令。
CVSS Information
N/A
Vulnerability Type
N/A