Media Server Synology Media Server

Do you want an email whenever new security vulnerabilities are reported in Synology Media Server?

By the Year

In 2024 there have been 0 vulnerabilities in Synology Media Server . Media Server did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 2 7.55
2020 0 0.00
2019 0 0.00
2018 1 9.80

It may take a day or so for new Media Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Synology Media Server Security Vulnerabilities

Server-Side Request Forgery (SSRF) vulnerability in cgi component in Synology Media Server before 1.8.3-2881

CVE-2021-34808 5.3 - Medium - June 18, 2021

Server-Side Request Forgery (SSRF) vulnerability in cgi component in Synology Media Server before 1.8.3-2881 allows remote attackers to access intranet resources via unspecified vectors.

XSPA

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in cgi component in Synology Media Server before 1.8.1-2876

CVE-2021-33180 9.8 - Critical - June 01, 2021

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

SQL Injection

SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-2654

CVE-2018-8914 9.8 - Critical - May 10, 2018

SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-2654 allows remote attackers to execute arbitrary SQL commands via the ObjectID parameter.

SQL Injection

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Synology Media Server or by Synology? Click the Watch button to subscribe.

Synology
Vendor

subscribe