CVE-2021-29084

Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in Security Advisor report management component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to read arbitrary files via unspecified vectors.

Link	Resource
https://www.synology.com/security/advisory/Synology_SA_20_26	Vendor Advisory

Configuration 1

cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:* cpe:2.3:o:synology:diskstation_manager_unified_controller:*:*:*:*:*:*:*:*

---

Published : 2021-06-23 10:15

Updated : 2021-06-29 07:54

---

NVD link : CVE-2021-29084

Mitre link : CVE-2021-29084

No products.

CWE-74