Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

Synology — Vulnerabilities & Security Advisories 289

Browse all 289 CVE security advisories affecting Synology. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Synology operates primarily in the network-attached storage (NAS) sector, providing hardware and software solutions for data management and backup. With 271 recorded Common Vulnerabilities and Exposures (CVEs), the platform has historically been susceptible to critical security flaws, including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. These issues often stem from insecure default configurations, weak authentication mechanisms, and unpatched web interface components. Notable incidents include the discovery of backdoors in certain firmware versions and widespread exploitation of unauthenticated access points, which allowed attackers to gain full system control. The high volume of CVEs reflects the complexity of its web-based management interfaces and the persistent targeting of IoT devices by threat actors. Users are advised to maintain strict update protocols and disable unnecessary services to mitigate these known risks effectively.

Top products by Synology: DiskStation Manager (DSM) Synology Router Manager (SRM) Surveillance Station Synology Photo Station Synology DiskStation Manager (DSM) Photo Station Camera Firmware Calendar Synology Drive Client BeeDrive for desktop Media Server Synology Calendar Synology Active Backup for Business Agent Note Station Drive Active Backup for Business Safe Access Download Station Synology SSL VPN Client Synology Download Station Audio Station CardDAV Server Office Presto File Server Synology Drive Server Synology Video Station MailPlus Server SSO Server File Station Chat
CVE IDTitleCVSSSeverityPublished
CVE-2022-27619 Synology Note Station 安全漏洞 — Synology Note Station ClientCWE-319 6.8 Medium2022-08-03
CVE-2022-27618 Synology Storage Analyzer 路径遍历漏洞 — Storage AnalyzerCWE-22 6.8 Medium2022-08-03
CVE-2022-27617 Synology Calendar 路径遍历漏洞 — Synology CalendarCWE-22 5.0 Medium2022-08-03
CVE-2022-27616 Synology DiskStation Manager 操作系统命令注入漏洞 — DiskStation Manager (DSM)CWE-78 7.2 High2022-08-03
CVE-2022-27611 Synology Audio Station 路径遍历漏洞 — Audio StationCWE-22 5.4 Medium2022-07-28
CVE-2022-27612 Synology Audio Station 安全漏洞 — Audio StationCWE-120 7.3 High2022-07-28
CVE-2022-22683 Synology Media Server 安全漏洞 — Media ServerCWE-120 10.0 Critical2022-07-28
CVE-2022-27614 Synology Media Server 信息泄露漏洞 — Media ServerCWE-200 5.3 Medium2022-07-28
CVE-2022-22685 Synology WebDAV Server 路径遍历漏洞 — WebDAV ServerCWE-22 8.7 High2022-07-28
CVE-2022-27613 Synology CardDAV Server SQL注入漏洞 — CardDAV ServerCWE-89 8.3 High2022-07-28
CVE-2022-22684 Synology DiskStation Manager 操作系统命令注入漏洞 — DiskStation Manager (DSM)CWE-78 7.2 High2022-07-28
CVE-2022-27615 Synology DNS Server 路径遍历漏洞 — DNS ServerCWE-22 7.7 High2022-07-28
CVE-2022-27610 Synology DiskStation Manager 路径遍历漏洞 — DiskStation Manager (DSM)CWE-22 6.5 Medium2022-07-27
CVE-2022-22686 Synology Calendar 跨站请求伪造漏洞 — Synology CalendarCWE-352 6.5 Medium2022-07-26
CVE-2022-22682 Synology Calendar 跨站脚本漏洞 — Synology CalendarCWE-79 6.5 Medium2022-07-12
CVE-2022-22681 Synology Photo Station 授权问题漏洞 — Photo StationCWE-384 8.1 High2022-07-06
CVE-2022-22687 Synology DiskStation Manager缓冲区错误漏洞 — DiskStation Manager (DSM)CWE-120 9.8 Critical2022-03-25
CVE-2022-22688 Synology DiskStation Manager命令注入漏洞 — DiskStation Manager (DSM)CWE-77 8.8 High2022-03-25
CVE-2022-22679 Synology DiskStation Manager 路径遍历漏洞 — DiskStation Manager (DSM)CWE-22 6.5 Medium2022-02-07
CVE-2021-43929 Synology DiskStation Manager 跨站脚本漏洞 — DiskStation Manager (DSM)CWE-74 6.5 Medium2022-02-07
CVE-2021-43928 Synology DiskStation Manager 操作系统命令注入漏洞 — Mail StationCWE-78 9.9 Critical2022-02-07
CVE-2021-43927 Synology DiskStation Manager SQL注入漏洞 — DiskStation Manager (DSM)CWE-89 4.7 Medium2022-02-07
CVE-2021-43926 Synology DiskStation Manager SQL注入漏洞 — DiskStation Manager (DSM)CWE-89 4.7 Medium2022-02-07
CVE-2021-43925 Synology DiskStation Manager SQL注入漏洞 — DiskStation Manager (DSM)CWE-89 4.7 Medium2022-02-07
CVE-2022-22680 Synology DiskStation Manager 信息泄露漏洞 — DiskStation Manager (DSM)CWE-200 5.3 Medium2022-02-07
CVE-2021-29084 Synology DiskStation DS418play 注入漏洞 — DiskStation Manager (DSM)CWE-74 7.5 High2021-06-23
CVE-2021-29085 Synology DiskStation Manager 注入漏洞 — DiskStation Manager (DSM)CWE-74 8.6 High2021-06-23
CVE-2021-29087 Synology DiskStation Manager 路径遍历漏洞 — DiskStation Manager (DSM)CWE-22 7.5 High2021-06-23
CVE-2021-27649 Synology DiskStation Manager 资源管理错误漏洞 — DiskStation Manager (DSM)CWE-416 9.8 Critical2021-06-23
CVE-2021-29086 Synology DiskStation Manager 信息泄露漏洞 — DiskStation Manager (DSM)CWE-200 5.3 Medium2021-06-23

This page lists every published CVE security advisory associated with Synology. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.