CVE-2016-6554

CVE-2016-6554: Synology NAS servers DS107, DS116, and DS213, use default credentials

Vendor Synology
Product NAS server DS107
Weakness CWE-255
Published July 13, 2018
Last update August 6, 2024

CVSS base score

What the vulnerability does

01Description

Synology NAS servers DS107, firmware version 3.1-1639 and prior, and DS116, DS213, firmware versions prior to 5.2-5644-1, use non-random default credentials of: guest:(blank) and admin:(blank) . A remote network attacker can gain privileged access to a vulnerable device.

Key dates

02Disclosure timeline

July 13, 2018 CVE published
August 6, 2024 Record updated