CNNVD-202512-579 Information
CNNVD ID
CNNVD-202512-579
Related CVE
- CNNVD Published: 2025-12-04
Description (Chinese)
Synology DiskStation Manager(DSM)和Synology Unified Controller都是中国群晖(Synology)公司的产品。Synology DiskStation Manager是一套用于网络储存服务器(NAS)上的操作系统。该操作系统可管理资料、文件、照片、音乐等信息。Synology Unified Controller是一个专用硬件设备。 Synology DiskStation Manager和Synology Unified Controller存在缓冲区错误漏洞,该漏洞源于cgi组件存在越界写入,可能导致拒绝服务攻击。
Description (English)
Synology DiskStation Manager (DSM) and Synology United Controller are products of Synology. Synology DiskStation Manager is an operating system for network storage servers (NAS). The operating system manages information, documents, photographs, music, etc. Synology United Contractor is a specialized hardware device. Synology DiskStation Manager and Synology United Controller had an error loophole in the buffer zone, which stemmed from the cross-border writing of cgi components, which could lead to a denial of service attack.
Hazard Level
Medium
Vulnerability Type
缓冲区错误
Affected Vendor
群晖
Published
2025-12-04
Last Modified
2026-02-24
References
https://www.synology.com/en-global/security/advisory/Synology_SA_24_27
Patch
https://www.synology.com/en-global/security/advisory/Synology_SA_24_27
Share on: