Summary
Security updates address a vulnerability in Synology’s DiskStation Manager (DSM) product. The vulnerability could allow an attacker to read arbitrary files via the Network File System (NFS) service.
Risk
Community Impact Estimate for the Vulnerability: Medium (63.46)
Type
- Arbitrary File Read
Affected Products and Versions
Synology
- DSM 7.2.2, versions prior to 7.2.2-72806-3
- DSM 7.2.1, versions prior to 7.2.1-69057-7
- DSM 7.1, versions prior to 7.1.1-42962-8
Mitigation Actions
In line with vendor statements, it is recommended to update vulnerable products as indicated in the security bulletins in the References section.
1This estimate is made taking into account several parameters, including: CVSS, availability of patches/workarounds and PoC, diffusion of the affected software/devices in the reference community.
