AI description
CVE-2024-10441 is a vulnerability affecting Synology BeeStation Manager (BSM) and Synology DiskStation Manager (DSM). Specifically, it involves an improper encoding or escaping of output within the system plugin daemon. This vulnerability allows remote attackers to execute arbitrary code through unspecified vectors. The affected products are Synology BeeStation Manager (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1.
- Description
- Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeStation Manager (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allow remote attackers to execute arbitrary code via unspecified vectors.
- Source
- security@synology.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security@synology.com
- CWE-116
- Hype score
- Not currently trending
Vulnerabilidad crítica de Synology permite a atacantes ejecutar código arbitrario de forma remota Synology’s DiskStation Manager (DSM) CVE-2024-10441 https://t.co/b5gMuifh3w… https://t.co/bBFgSKh8vf
@doncaptador
22 Mar 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Vulnerabilidad crítica de Synology permite a atacantes ejecutar código arbitrario de forma remota Synology’s DiskStation Manager (DSM) CVE-2024-10441 https://t.co/ViBiT4wIOy https://t.co/cOjBKmYeTx
@elhackernet
21 Mar 2025
6000 Impressions
24 Retweets
80 Likes
17 Bookmarks
0 Replies
1 Quote
Warning: Attackers can exploit critical vulnerability CVE-2024-10441 (CVSS 9.8) in various versions of #Synology BeeStation Manager (BSM), DiskStation Manager (DSM), and Unified Controller (DSMUC) to execute remote code. Advisory available at:https://t.co/rGH7G44zhX #Patch #Patch
@CCBalert
19 Mar 2025
109 Impressions
2 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-10441 (CVSS 9.8): Synology Patches Critical Code Execution Flaw A severe remote code execution vulnerability in multiple Synology products has been patched to prevent exploitation. https://t.co/aoSpqQFNZ3 #Cybersecurity #RCE #SynologySecurity
@adriananglin
19 Mar 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-10441 Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeStation Manager (BSM) before 1.1-65374, Synology DiskStation Manager … https://t.co/VKENG8plrb
@CVEnew
19 Mar 2025
503 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-10441: CRITICAL] Vulnerabilities in Synology DSM & BSM can expose systems to remote code execution via unescaped output. Update to DSM 6.2.4-25556-8 or later to mitigate risks.#cybersecurity,#vulnerability https://t.co/owu5TcLyKb https://t.co/d6unXLv6rF
@CveFindCom
19 Mar 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes