Known Vulnerabilities for Download Station by Synology
Listed below are 8 of the newest known vulnerabilities associated with "Download Station" by "Synology".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-34811 | Server-Side Request Forgery (SSRF) vulnerability in task management component in Synology Download Station before 3.8.16-3566... | 4.3 - MEDIUM | 2021-06-18 | 2021-06-23 |
| CVE-2021-34810 | Improper privilege management vulnerability in cgi component in Synology Download Station before 3.8.16-3566 allows remote au... | 8.8 - HIGH | 2021-06-18 | 2021-06-24 |
| CVE-2021-34809 | Improper neutralization of special elements used in a command ('Command Injection') vulnerability in task management componen... | 8.8 - HIGH | 2021-06-18 | 2021-06-24 |
| CVE-2021-33184 | Server-Side request forgery (SSRF) vulnerability in task management component in Synology Download Station before 3.8.15-3563... | 7.7 - HIGH | 2021-06-01 | 2021-06-10 |
| CVE-2017-11156 | Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 uses weak permissions (0777) for ui/dlm/btsearch di... | 7.8 - HIGH | 2017-08-14 | 2019-10-09 |
| CVE-2017-11149 | Server-side request forgery (SSRF) vulnerability in Downloader in Synology Download Station 3.8.x before 3.8.5-3475 and 3.x b... | 6.5 - MEDIUM | 2017-08-14 | 2019-10-09 |
| CVE-2015-6913 | Cross-site scripting (XSS) vulnerability in the "Create download task via URL" feature in Synology Download Station before 3.... | 4.3 - MEDIUM | 2015-09-11 | 2018-10-09 |
| CVE-2015-6909 | Cross-site scripting (XSS) vulnerability in the "Create download task via file upload" feature in Synology Download Station b... | 4.3 - MEDIUM | 2015-09-11 | 2018-10-09 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Synology | Download Station | 3.8.4-3468 | All | All | All |
| Application | Synology | Download Station | 3.8.3-3458 | All | All | All |
| Application | Synology | Download Station | 3.8.2-3455 | All | All | All |
| Application | Synology | Download Station | 3.8.1-3420 | All | All | All |
| Application | Synology | Download Station | 3.8.0-3416 | All | All | All |
| Application | Synology | Download Station | 3.5-2982 | All | All | All |
| Application | Synology | Download Station | 3.5-2980 | All | All | All |
| Application | Synology | Download Station | 3.5-2973 | All | All | All |
| Application | Synology | Download Station | 3.5-2970 | All | All | All |
| Application | Synology | Download Station | 3.5-2968 | All | All | All |
| Application | Synology | Download Station | 3.5-2967 | All | All | All |
| Application | Synology | Download Station | 3.5-2962 | All | All | All |
| Application | Synology | Download Station | 3.5-2956 | All | All | All |
| Application | Synology | Download Station | 3.5-2955 | All | All | All |
| Application | Synology | Download Station | 3.5-2706 | All | All | All |
| Application | Synology | Download Station | 3.5-2705 | All | All | All |
| Application | Synology | Download Station | 3.5-2638 | All | All | All |
| Application | Synology | Download Station | 3.4-2558 | All | All | All |
| Application | Synology | Download Station | 3.4-2557 | All | All | All |
| Application | Synology | Download Station | 3.4-2555 | All | All | All |