CyberSec.Space Logo
返回 CVE 浏览器

CVE-2021-26569

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1790%
EPSS Percentile26.16th
Published2021年3月12日
Last Modified2025年1月14日

Vulnerability Description

Race Condition within a Thread vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to execute arbitrary code via crafted web requests.

Affected Platforms (CPE)

💻
Synology

Diskstation Manager

< 6.2.3-25426-3

References & Advisories

🔗 https://www.synology.com/security/advisory/Synology_SA_20_26
🔗 https://www.zerodayinitiative.com/advisories/ZDI-21-338/
🔗 https://www.synology.com/security/advisory/Synology_SA_20_26
🔗 https://www.zerodayinitiative.com/advisories/ZDI-21-338/

相关漏洞威胁

CVE-2013-695510.0

webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 U...

CVE-2021-276499.8

Use after free vulnerability in file transfer protocol component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows...

CVE-2021-276469.8

Use After Free vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote ...

CVE-2021-276479.8

Out-of-bounds Read vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows rem...

CVE-2021-26569 Detail & Impact Analysis | CVSS 9.8 (CRITICAL) | Cyber-Sec.Space | Cyber-Sec.Space