CVE-2024-10441
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-10441
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allows remote attackers to execute arbitrary code via unspecified vectors.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
对输出编码和转义不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Synology DiskStation Manager(DSM)和Synology BeeStation Manager 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Synology DiskStation Manager(DSM)和Synology BeeStation Manager都是中国群晖(Synology)公司的产品。Synology DiskStation Manager是一套用于网络储存服务器(NAS)上的操作系统。该操作系统可管理资料、文件、照片、音乐等信息。Synology BeeStation Manager是一款用于管理 BeeStation 的软件。用于管理和配置 BeeStation 的各项功能。 Synology DiskStation
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Synology | DiskStation Manager (DSM) | 7.2.2 ~ 7.2.2-72806-1 | - | |
| Synology | BeeStation OS (BSM) | 1.1 ~ 1.1-65374 | - |
II. Public POCs for CVE-2024-10441
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | None | https://github.com/hazzzein/CVE-2024-10441 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-10441
请登录查看更多情报信息。
- Synology_SA_24_20 | Synology Inc.vendor-advisory
- Synology_SA_24_23 | Synology Inc.vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-10441
Same Patch Batch · Synology · 2025-03-19 · 8 CVEs total
| CVE-2024-10442 | 10.0 CRITICAL | Synology Replication Service 安全漏洞 |
| CVE-2024-11131 | 9.8 CRITICAL | Synology Camera Firmware 缓冲区错误漏洞 |
| CVE-2024-50631 | 7.5 HIGH | Synology Drive Server SQL注入漏洞 |
| CVE-2024-50630 | 7.5 HIGH | Synology Drive Server 访问控制错误漏洞 |
| CVE-2024-10444 | 7.5 HIGH | Synology DiskStation Manager 信任管理问题漏洞 |
| CVE-2024-50629 | 5.3 MEDIUM | Synology DiskStation Manager(DSM)和Synology BeeStation Manager 安全漏洞 |
| CVE-2024-10445 | 4.3 MEDIUM | Synology DiskStation Manager(DSM)和Synology BeeStation Manager 信任管理问题漏洞 |
IV. Related Vulnerabilities
Same product: DiskStation Manager (DSM)
- CVE-2024-5401
Synology DiskStation Manager和Synology Unified Controller 安全漏 - CVE-2024-45539
Synology DiskStation Manager和Synology Unified Controller 缓冲区 - CVE-2024-45538
Synology DiskStation Manager和Synology Unified Controller 跨站请 - CVE-2025-1021
Synology DiskStation Manager 安全漏洞 - CVE-2024-50629
Synology DiskStation Manager(DSM)和Synology BeeStation Manage
Same weakness: CWE-116
- CVE-2026-42810
Apache Polaris: could broaden vended S3 credentials through - CVE-2026-42040
Axios: Null Byte Injection via Reverse-Encoding in AxiosURLS - CVE-2026-40567
FreeScout has HTML Injection in Outgoing Emails via Unsaniti - CVE-2026-6058
Zyxel WRE6505 安全漏洞 - CVE-2026-20136
Cisco Identity Services Engine Authenticated Privilege Escal
V. Comments for CVE-2024-10441
No comments yet