{"api_version":"1","generated_at":"2026-04-25T03:02:22+00:00","cve":"CVE-2021-31439","urls":{"html":"https://cve.report/CVE-2021-31439","api":"https://cve.report/api/cve/CVE-2021-31439.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-31439","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-31439"},"summary":{"title":"CVE-2021-31439","description":"This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerablity. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12326.","state":"PUBLIC","assigner":"zdi-disclosures@trendmicro.com","published_at":"2021-05-21 15:15:00","updated_at":"2023-11-22 20:34:00"},"problem_types":["CWE-787"],"metrics":[],"references":[{"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-492/","name":"https://www.zerodayinitiative.com/advisories/ZDI-21-492/","refsource":"MISC","tags":[],"title":"ZDI-21-492 | Zero Day Initiative","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.synology.com/zh-hk/security/advisory/Synology_SA_20_26","name":"https://www.synology.com/zh-hk/security/advisory/Synology_SA_20_26","refsource":"MISC","tags":[],"title":"Synology 產品安全性諮詢 | Synology Incorporated","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.gentoo.org/glsa/202311-02","name":"GLSA-202311-02","refsource":"GENTOO","tags":[],"title":"Netatalk: Multiple Vulnerabilities including root remote code execution (GLSA 202311-02) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.debian.org/security/2023/dsa-5503","name":"DSA-5503","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-5503-1 netatalk","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html","name":"[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 3426-1] netatalk security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-31439","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-31439","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"31439","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"31439","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"11.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"31439","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netatalk","cpe5":"netatalk","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"31439","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"synology","cpe5":"diskstation_manager","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-31439","qid":"181789","title":"Debian Security Update for netatalk (DLA 3426-1)"},{"cve":"CVE-2021-31439","qid":"199403","title":"Ubuntu Security Notification for Netatalk Vulnerabilities (USN-6146-1)"},{"cve":"CVE-2021-31439","qid":"502549","title":"Alpine Linux Security Update for netatalk"},{"cve":"CVE-2021-31439","qid":"505087","title":"Alpine Linux Security Update for netatalk"},{"cve":"CVE-2021-31439","qid":"6000181","title":"Debian Security Update for netatalk (DSA 5503-1)"},{"cve":"CVE-2021-31439","qid":"710785","title":"Gentoo Linux Netatalk Multiple Vulnerabilities including root Remote Code Execution (RCE) (GLSA 202311-02)"},{"cve":"CVE-2021-31439","qid":"752037","title":"SUSE Enterprise Linux Security Update for netatalk (SUSE-SU-2022:1184-1)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"zdi-disclosures@trendmicro.com","ID":"CVE-2021-31439","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"DiskStation Manager","version":{"version_data":[{"version_value":"6.1.1-15101-4"}]}}]},"vendor_name":"Synology"}]}},"credit":"Angelboy(@scwuaptx) from DEVCORE Security Team","data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerablity. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12326."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-122: Heap-based Buffer Overflow"}]}]},"references":{"reference_data":[{"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-492/","refsource":"MISC","name":"https://www.zerodayinitiative.com/advisories/ZDI-21-492/"},{"url":"https://www.synology.com/zh-hk/security/advisory/Synology_SA_20_26","refsource":"MISC","name":"https://www.synology.com/zh-hk/security/advisory/Synology_SA_20_26"},{"refsource":"MLIST","name":"[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update","url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html"},{"refsource":"DEBIAN","name":"DSA-5503","url":"https://www.debian.org/security/2023/dsa-5503"},{"refsource":"GENTOO","name":"GLSA-202311-02","url":"https://security.gentoo.org/glsa/202311-02"}]},"impact":{"cvss":{"vectorString":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.0"}}},"nvd":{"publishedDate":"2021-05-21 15:15:00","lastModifiedDate":"2023-11-22 20:34:00","problem_types":["CWE-787"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:P/I:P/A:P","accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":5.8},"severity":"MEDIUM","exploitabilityScore":6.5,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.2.3-25426-3","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netatalk:netatalk:*:*:*:*:*:*:*:*","versionEndExcluding":"3.1.13","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"31439","Ordinal":"206729","Title":"CVE-2021-31439","CVE":"CVE-2021-31439","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"31439","Ordinal":"1","NoteData":"This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerablity. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12326.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"31439","Ordinal":"2","NoteData":"2021-05-21","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"31439","Ordinal":"3","NoteData":"2021-05-21","Type":"Other","Title":"Modified"}]}}}