Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Synology — Vulnerabilities & Security Advisories 271

Browse all 271 CVE security advisories affecting Synology. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Synology operates primarily in the network-attached storage (NAS) sector, providing hardware and software solutions for data management and backup. With 271 recorded Common Vulnerabilities and Exposures (CVEs), the platform has historically been susceptible to critical security flaws, including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. These issues often stem from insecure default configurations, weak authentication mechanisms, and unpatched web interface components. Notable incidents include the discovery of backdoors in certain firmware versions and widespread exploitation of unauthenticated access points, which allowed attackers to gain full system control. The high volume of CVEs reflects the complexity of its web-based management interfaces and the persistent targeting of IoT devices by threat actors. Users are advised to maintain strict update protocols and disable unnecessary services to mitigate these known risks effectively.

Top products by Synology: DiskStation Manager (DSM) Synology Router Manager (SRM) Surveillance Station Synology Photo Station Synology DiskStation Manager (DSM) Photo Station Camera Firmware Calendar Synology Drive Client Media Server Synology Calendar Note Station BeeDrive for desktop Synology Active Backup for Business Agent Drive Download Station Audio Station Synology SSL VPN Client Synology Download Station Active Backup for Business Chat SSO Server Synology Video Station Application Service Synology Drive Server Office CardDAV Server Safe Access Presto File Server MailPlus Server
CVE IDTitleCVSSSeverityPublished
CVE-2021-47961 Synology SSL VPN Client 安全漏洞 — Synology SSL VPN ClientCWE-256 8.1 High2026-04-10
CVE-2021-47960 Synology SSL VPN Client 安全漏洞 — Synology SSL VPN ClientCWE-552 6.5 Medium2026-04-10
CVE-2026-3091 Synology Presto Client 代码问题漏洞 — Synology Presto ClientCWE-427 6.7 Medium2026-02-24
CVE-2025-8074 Synology BeeDrive 访问控制错误漏洞 — BeeDrive for desktopCWE-346 5.6 Medium2025-12-04
CVE-2025-54160 Synology BeeDrive 路径遍历漏洞 — BeeDrive for desktopCWE-22 7.8 High2025-12-04
CVE-2025-54159 Synology BeeDrive 安全漏洞 — BeeDrive for desktopCWE-862 7.5 High2025-12-04
CVE-2025-54158 Synology BeeDrive 访问控制错误漏洞 — BeeDrive for desktopCWE-306 7.8 High2025-12-04
CVE-2025-2848 Synology Mail Server 安全漏洞 — Synology Mail ServerCWE-862 6.3 Medium2025-12-04
CVE-2025-29846 Synology Router Manager 路径遍历漏洞 — Synology Router Manager (SRM)CWE-22 7.2 High2025-12-04
CVE-2025-29845 Synology Router Manager 路径遍历漏洞 — Synology Router Manager (SRM)CWE-22 4.3 Medium2025-12-04
CVE-2025-29844 Synology Router Manager 路径遍历漏洞 — Synology Router Manager (SRM)CWE-22 4.3 Medium2025-12-04
CVE-2025-29843 Synology Router Manager 路径遍历漏洞 — Synology Router Manager (SRM)CWE-22 5.4 Medium2025-12-04
CVE-2024-5401 Synology DiskStation Manager和Synology Unified Controller 安全漏洞 — DiskStation Manager (DSM)CWE-913 4.3 Medium2025-12-04
CVE-2024-45539 Synology DiskStation Manager和Synology Unified Controller 缓冲区错误漏洞 — DiskStation Manager (DSM)CWE-787 7.5 High2025-12-04
CVE-2024-45538 Synology DiskStation Manager和Synology Unified Controller 跨站请求伪造漏洞 — DiskStation Manager (DSM)CWE-352 9.6 Critical2025-12-04
CVE-2024-13987 Synology RADIUS Server 跨站脚本漏洞 — RADIUS ServerCWE-79 5.9 Medium2025-08-29
CVE-2024-53288 Synology Router Manager 跨站脚本漏洞 — Synology Router Manager (SRM)CWE-79 5.9 Medium2025-07-23
CVE-2024-53287 Synology Router Manager 跨站脚本漏洞 — Synology Router Manager (SRM)CWE-79 5.9 Medium2025-07-23
CVE-2024-53286 Synology Router Manager 操作系统命令注入漏洞 — Synology Router Manager (SRM)CWE-78 7.2 High2025-07-23
CVE-2025-4679 Synology Active Backup 安全漏洞 — Active Backup for Microsoft 365CWE-522 6.5 Medium2025-05-16
CVE-2025-1021 Synology DiskStation Manager 安全漏洞 — DiskStation Manager (DSM)CWE-862 7.5 High2025-04-23
CVE-2024-50631 Synology Drive Server SQL注入漏洞 — Synology Drive ServerCWE-89 7.5 High2025-03-19
CVE-2024-50630 Synology Drive Server 访问控制错误漏洞 — Synology Drive ServerCWE-306 7.5 High2025-03-19
CVE-2024-50629 Synology DiskStation Manager(DSM)和Synology BeeStation Manager 安全漏洞 — DiskStation Manager (DSM)CWE-116 5.3 Medium2025-03-19
CVE-2024-11131 Synology Camera Firmware 缓冲区错误漏洞 — Camera FirmwareCWE-125 9.8 Critical2025-03-19
CVE-2024-10442 Synology Replication Service 安全漏洞 — Unified Controller (DSMUC)CWE-193 10.0 Critical2025-03-19
CVE-2024-10445 Synology DiskStation Manager(DSM)和Synology BeeStation Manager 信任管理问题漏洞 — DiskStation Manager (DSM)CWE-295 4.3 Medium2025-03-19
CVE-2024-10441 Synology DiskStation Manager(DSM)和Synology BeeStation Manager 安全漏洞 — DiskStation Manager (DSM)CWE-116 9.8 Critical2025-03-19
CVE-2024-10444 Synology DiskStation Manager 信任管理问题漏洞 — DiskStation Manager (DSM)CWE-295 7.5 High2025-03-19
CVE-2024-47266 Synology Active Backup for Business 路径遍历漏洞 — Active Backup for BusinessCWE-22 2.7 Low2025-02-13

This page lists every published CVE security advisory associated with Synology. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.