CyberSec.Space Logo
Back to CVE Browser

CVE-2021-27649

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1390%
EPSS Percentile7.40th
PublishedJun 23, 2021
Last ModifiedJan 14, 2025

Vulnerability Description

Use after free vulnerability in file transfer protocol component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to execute arbitrary code via unspecified vectors.

Affected Platforms (CPE)

💻
Synology

Diskstation Manager

>= 6.2 and < 6.2.3-25426-3
💻
Synology

Diskstation Manager Unified Controller

< 3.1-23033

References & Advisories

🔗 https://www.synology.com/security/advisory/Synology_SA_20_26
🔗 https://www.synology.com/security/advisory/Synology_SA_20_26

Related Vulnerabilities

CVE-2013-695510.0

webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 U...

CVE-2021-276479.8

Out-of-bounds Read vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows rem...

CVE-2021-265699.8

Race Condition within a Thread vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) before 6.2.3-25426-...

CVE-2021-276469.8

Use After Free vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote ...