Synology — Vulnerabilities & Security Advisories 294

Browse all 294 CVE security advisories affecting Synology. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Synology operates primarily in the network-attached storage (NAS) sector, providing hardware and software solutions for data management and backup. With 271 recorded Common Vulnerabilities and Exposures (CVEs), the platform has historically been susceptible to critical security flaws, including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. These issues often stem from insecure default configurations, weak authentication mechanisms, and unpatched web interface components. Notable incidents include the discovery of backdoors in certain firmware versions and widespread exploitation of unauthenticated access points, which allowed attackers to gain full system control. The high volume of CVEs reflects the complexity of its web-based management interfaces and the persistent targeting of IoT devices by threat actors. Users are advised to maintain strict update protocols and disable unnecessary services to mitigate these known risks effectively.

CVE ID	Title	CVSS	Severity	Published
CVE-2021-29085	Synology DiskStation Manager 注入漏洞 — DiskStation Manager (DSM)CWE-74	8.6	High	2021-06-23
CVE-2021-29087	Synology DiskStation Manager 路径遍历漏洞 — DiskStation Manager (DSM)CWE-22	7.5	High	2021-06-23
CVE-2021-27649	Synology DiskStation Manager 资源管理错误漏洞 — DiskStation Manager (DSM)CWE-416	9.8	Critical	2021-06-23
CVE-2021-29086	Synology DiskStation Manager 信息泄露漏洞 — DiskStation Manager (DSM)CWE-200	5.3	Medium	2021-06-23
CVE-2021-26563	Synology DiskStation Manager 访问控制错误漏洞 — DiskStation Manager (DSM)CWE-863	8.2	High	2021-02-26
CVE-2020-27656	Synology DiskStation Manager 信息泄露漏洞 — DiskStation Manager (DSM)CWE-319	6.5	Medium	2020-10-29
CVE-2020-27652	Synology DiskStation Manager 加密问题漏洞 — DiskStation Manager (DSM)CWE-327	8.3	High	2020-10-29
CVE-2020-27650	Synology DiskStation Manager 安全漏洞 — DiskStation Manager (DSM)CWE-614	5.8	Medium	2020-10-29
CVE-2020-27648	Synology DiskStation Manager 信任管理问题漏洞 — DiskStation Manager (DSM)CWE-295	8.3	High	2020-10-29
CVE-2018-13293	Synology DiskStation Manager 跨站脚本漏洞 — DiskStation Manager (DSM)CWE-79	5.4	-	2019-04-01
CVE-2018-13291	Synology DiskStation Manager 信息泄露漏洞 — DiskStation Manager (DSM)CWE-200	4.3	-	2019-04-01
CVE-2018-13286	Synology DiskStation Manager 信息泄露漏洞 — DiskStation Manager (DSM)CWE-276	4.3	-	2019-04-01
CVE-2018-13284	Synology DiskStation Manager 操作系统命令注入漏洞 — DiskStation Manager (DSM)CWE-78	8.8	-	2019-04-01
CVE-2017-16774	Synology DiskStation Manager 跨站脚本漏洞 — DiskStation Manager (DSM)CWE-79	5.4	-	2019-04-01
CVE-2018-8920	Synology DiskStation Manager 注入漏洞 — DiskStation Manager (DSM)CWE-116	9.8	-	2018-12-24
CVE-2018-8919	Synology DiskStation Manager 信息泄露漏洞 — DiskStation Manager (DSM)CWE-200	9.8	-	2018-12-24
CVE-2018-8917	Synology DiskStation Manager 跨站脚本漏洞 — DiskStation Manager (DSM)CWE-79	5.4	-	2018-12-24
CVE-2018-13281	Synology DiskStation Manager 信息泄露漏洞 — DiskStation Manager (DSM)CWE-200	4.3	-	2018-10-31
CVE-2018-13280	Synology DiskStation Manager 安全漏洞 — DiskStation Manager (DSM)CWE-330	7.4	-	2018-07-30
CVE-2017-12075	Synology DiskStation Manager EZ-Internet 命令注入漏洞 — DiskStation Manager (DSM)CWE-77	8.8	-	2018-06-08
CVE-2018-8916	Synology DiskStation Manager 安全漏洞 — DiskStation Manager (DSM)CWE-620	8.1	-	2018-06-08
CVE-2017-16766	Synology DiskStation Manager 访问控制错误漏洞 — DiskStation Manager (DSM)CWE-284	6.4	-	2017-12-22
CVE-2017-15889	Synology DiskStation Manager 命令注入漏洞 — DiskStation Manager (DSM)CWE-77	8.8	-	2017-12-04

This page lists every published CVE security advisory associated with Synology. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Synology — Vulnerabilities & Security Advisories 294