Detections
Analytics
CVE-2021-29085
high
Description
Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in file sharing management component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to read arbitrary files via unspecified vectors.
References
https://www.synology.com/security/advisory/Synology_SA_20_26