Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Synology — Vulnerabilities & Security Advisories 271

Browse all 271 CVE security advisories affecting Synology. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Synology operates primarily in the network-attached storage (NAS) sector, providing hardware and software solutions for data management and backup. With 271 recorded Common Vulnerabilities and Exposures (CVEs), the platform has historically been susceptible to critical security flaws, including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. These issues often stem from insecure default configurations, weak authentication mechanisms, and unpatched web interface components. Notable incidents include the discovery of backdoors in certain firmware versions and widespread exploitation of unauthenticated access points, which allowed attackers to gain full system control. The high volume of CVEs reflects the complexity of its web-based management interfaces and the persistent targeting of IoT devices by threat actors. Users are advised to maintain strict update protocols and disable unnecessary services to mitigate these known risks effectively.

Top products by Synology: DiskStation Manager (DSM) Synology Router Manager (SRM) Surveillance Station Synology Photo Station Synology DiskStation Manager (DSM) Photo Station Camera Firmware Calendar Synology Drive Client Media Server Synology Calendar Note Station BeeDrive for desktop Synology Active Backup for Business Agent Drive Download Station Audio Station Synology SSL VPN Client Synology Download Station Active Backup for Business Chat SSO Server Synology Video Station Application Service Synology Drive Server Office CardDAV Server Safe Access Presto File Server MailPlus Server
CVE IDTitleCVSSSeverityPublished
CVE-2017-15894 Synology DiskStation Manager 路径遍历漏洞 — Synology DiskStation Manager (DSM)CWE-22 6.5 -2017-12-08
CVE-2017-15895 Synology Router Manager 路径遍历漏洞 — Synology Router Manager (SRM)CWE-22 6.5 -2017-12-08
CVE-2017-12079 Synology Photo Station 安全漏洞 — Photo StationCWE-552 7.5 -2017-12-04
CVE-2017-12080 Synology Photo Station 信息泄露漏洞 — Photo StationCWE-200 7.5 -2017-12-04
CVE-2017-15889 Synology DiskStation Manager 命令注入漏洞 — DiskStation Manager (DSM)CWE-77 8.8 -2017-12-04
CVE-2017-15887 Synology CardDAV Server 信任管理漏洞 — Synology CardDAV ServerCWE-307 9.8 -2017-11-07
CVE-2017-15888 Synology Audio Station 跨站脚本漏洞 — Synology Audio StationCWE-79 5.4 -2017-10-30
CVE-2017-11161 Synology Photo Station SQL注入漏洞 — Synology Photo StationCWE-89 9.8 -2017-09-08
CVE-2017-11162 Synology Photo Station 路径遍历漏洞 — Synology Photo StationCWE-22 6.5 -2017-09-08
CVE-2017-12071 Synology Photo Station 安全漏洞 — Synology Photo StationCWE-918 6.5 -2017-09-08
CVE-2017-11158 Synology Cloud Station Drive for Windows 安装程序漏洞 — Cloud Station DriveCWE-427 7.8 -2017-08-31
CVE-2017-9555 Synology Photo Station 跨站脚本漏洞 — Synology Photo StationCWE-79 6.1 -2017-08-24
CVE-2017-12074 Synology DNS Server 路径遍历漏洞 — Synology DNS ServerCWE-22 6.5 -2017-08-24
CVE-2017-11159 Synology Photo Station Uploader for Windows 安全漏洞 — Photo Station UploaderCWE-427 7.8 -2017-08-23
CVE-2017-11149 Synology Download Station 安全漏洞 — Synology Download StationCWE-918 6.5 -2017-08-14
CVE-2017-11156 Synology Download Station 安全漏洞 — Synology Download StationCWE-276 7.8 -2017-08-14
CVE-2017-9556 Synology Video Station 跨站脚本漏洞 — Synology Video StationCWE-79 5.4 -2017-08-11
CVE-2017-11148 Synology Chat 安全漏洞 — Synology ChatCWE-918 4.3 -2017-08-11
CVE-2017-11151 Synology Photo Station 安全漏洞 — Synology Photo StationCWE-287 9.8 -2017-08-08
CVE-2017-11152 Synology Photo Station 路径遍历漏洞 — Synology Photo StationCWE-22 7.5 -2017-08-08
CVE-2017-11153 Synology Photo Station 安全漏洞 — Synology Photo StationCWE-502 9.8 -2017-08-08
CVE-2017-11154 Synology Photo Station 安全漏洞 — Synology Photo StationCWE-434 6.5 -2017-08-08
CVE-2017-11155 Synology Photo Station 信息泄露漏洞 — Synology Photo StationCWE-205 7.5 -2017-08-08
CVE-2015-9102 Synology Photo Station 跨站脚本漏洞 — Photo StationCWE-79 5.4 -2017-06-30
CVE-2015-9103 Synology Note Station 跨站脚本漏洞 — Note StationCWE-79 5.4 -2017-06-30
CVE-2015-9104 Synology Audio Station 跨站脚本漏洞 — Audio StationCWE-79 5.4 -2017-06-30
CVE-2015-9105 Synology Video Station 跨站脚本漏洞 — Video StationCWE-79 5.4 -2017-06-30
CVE-2017-9552 Synology Photo Station 安全漏洞 — Synology Photo StationCWE-522 7.8 -2017-06-13
CVE-2016-10329 Synology Photo Station 命令注入漏洞 — Synology Photo StationCWE-77 9.8 -2017-05-12
CVE-2016-10330 Synology Photo Station 路径遍历漏洞 — Synology Photo StationCWE-22 5.5 -2017-05-12

This page lists every published CVE security advisory associated with Synology. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.