- Description
- Improper neutralization of special elements used in a command ('Command Injection') vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology Photos before 1.6.2-0720 and 1.7.0-0795 allows remote attackers to execute arbitrary code via unspecified vectors.
- Source
- security@synology.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security@synology.com
- CWE-77
- Hype score
- Not currently trending
Synology has released a patch for a critical zero-day vulnerability (CVE-2024-10443) affecting millions of NAS devices, which allows remote code execution without user interaction. Read: https://t.co/k1e1fOdFpu #infosec https://t.co/adnGo8qI4C
@johnwalshiii
13 Jan 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Synology has released a patch for a critical zero-day vulnerability (CVE-2024-10443) affecting millions of NAS devices, which allows remote code execution without user interaction. Read: https://t.co/k1e1fOdFpu #infosec https://t.co/tCQ8bdThqF
@johnwalshiii
4 Dec 2024
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-10443
@transilienceai
24 Nov 2024
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-10443
@transilienceai
20 Nov 2024
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Attention Synology Users! A critical zero-click vulnerability (CVE-2024-10443) has been discovered, impacting millions of NAS devices. Known as RISK:STATION, it allows remote code execution without user interaction. https://t.co/BfAYuMcpxq #Synology #Vulnerability #NAS https://t
@weareaegix
18 Nov 2024
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-10443
@transilienceai
17 Nov 2024
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2024-10443 Improper neutralization of special elements used in a command ('Command Injection') vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 a… https://t.co/9XwUDdUJEk
@CVEnew
15 Nov 2024
294 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
أصدرت شركة Synology تصحيحًا لثغرة أمنية خطيرة (CVE-2024-10443) تؤثر على ملايين أجهزة NAS، والتي تسمح بتنفيذ التعليمات البرمجية عن بُعد دون تفاعل المستخدم. اقرأ: https://t.co/HzRadiNojZ
@CERT_Arabic
10 Nov 2024
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Zero-Click Vulnerability in Synology NAS Devices Needs Urgent Patching https://t.co/YgvdMmCZE4 Overview A recently discovered high-severity vulnerability, tracked as CVE-2024-10443 and dubbed "RISK:STATION," poses a significant threat to Synology NAS users worldwide…
@f1tym1
7 Nov 2024
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-10443
@transilienceai
6 Nov 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨CVE Alert: Critical Synology Remote Code Execution Zero-day Vulnerability 🚨 Vulnerability Details: CVE-2024-10443(Critical) Synology Remote Code Execution Vulnerability Impact A successful exploit allow attackers to gain access to the devices to steal sensitive data.… https:
@CyberxtronTech
6 Nov 2024
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443) https://t.co/s52LVgk5pO
@McsCapsuleTech
6 Nov 2024
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Synology Urges Patch for Critical Zero-Click RCE Flaw (CVE-2024-10443) Affecting Millions of NAS Devices. The vulnerability CVE-2024-10443 affects Synology's DiskStation and BeeStation network attached storage (NAS) devices. It is classified as a zero-click flaw, meaning no…
@IntCyberDigest
5 Nov 2024
310 Impressions
1 Retweet
1 Like
0 Bookmarks
1 Reply
0 Quotes
Security Alert: Millions of Synology NAS Devices Exposed to Zero-Click Attacks! Learn more about CVE-2024-10443 and how to protect your data. Read The Full Article Here: https://t.co/8OecZECpKf #CyberSecurity #SynologyAlert #ZeroClickAttack #DataProtection https://t.co/ZxQ7CJYML
@technijian_
5 Nov 2024
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
TheHackersNews: Synology has released a patch for a critical zero-day vulnerability (CVE-2024-10443) affecting millions of NAS devices, which allows remote code execution without user interaction. Read: https://t.co/NQtvesMxPL #infosec #cybersecurity #hacking
@jvquantum
5 Nov 2024
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Synology has released a patch for a critical zero-day vulnerability (CVE-2024-10443) affecting millions of NAS devices, which allows remote code execution without user interaction. Read: https://t.co/i0EPEMJpvg #infosec #cybersecurity #hacking
@TheHackersNews
5 Nov 2024
42186 Impressions
56 Retweets
100 Likes
26 Bookmarks
1 Reply
4 Quotes
Threat Alert: Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-1044 CVE-2024-10443 Severity: ⚠️ Critical Maturity: 🧨 Trending Learn more: https://t.co/IzjNl6VD59 #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
5 Nov 2024
49 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Millions of #Synology NAS #devices vulnerable to zero-click attacks (#CVE-2024-10443) https://t.co/NGEQyFt50e
@ScyScan
4 Nov 2024
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#ITSecurity patch available for CVE-2024-10443 ; Synology Photos and BeePhotos for BeeStation software.
@seaarepea
3 Nov 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:synology:photos:*:*:*:*:*:diskstation_manager:*:*",
"vulnerable": true,
"matchCriteriaId": "419F75B4-D207-4288-8497-4B3A8C583E46",
"versionEndExcluding": "1.6.2-0720"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:synology:diskstation_manager:7.2:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5C262042-304B-49DC-BB4B-655C5C36D88C"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:synology:beephotos:*:*:*:*:*:beestation_os:*:*",
"vulnerable": true,
"matchCriteriaId": "47E33443-30C1-42A0-8876-405FD9AC155A",
"versionEndExcluding": "1.1.0-10053"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:synology:beestation_os:1.1:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E456DD53-9402-48F7-98F8-8CEE480D8337"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:synology:beephotos:*:*:*:*:*:beestation_os:*:*",
"vulnerable": true,
"matchCriteriaId": "A8BA8374-E7BE-406B-82E8-5EDBED2551EF",
"versionEndExcluding": "1.0.2-10026"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:synology:beestation_os:1.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DCDD1FA9-719E-4C69-9D72-29B154E27849"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:synology:photos:*:*:*:*:*:diskstation_manager:*:*",
"vulnerable": true,
"matchCriteriaId": "71B932C6-C930-4C9A-9C75-CFEAFB41BD24",
"versionEndExcluding": "1.7.0-0795"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:synology:diskstation_manager:7.2.2:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4E22F435-F709-495B-84B4-A478C63331B9"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]