What the vulnerability does

01Description

Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) before 5.2-5967-5 allows remote authenticated users to execute arbitrary commands via disk field.

Key dates

02Disclosure timeline

December 4, 2017 CVE published
September 16, 2024 Record updated