Detections
Analytics
Synology DiskStation Manager 4.0-x < 4.0-2259 / 4.1-x / 4.2-x < 4.2-3243 SLICEUPLOAD Function Remote Code Execution
critical Nessus Plugin ID 72342
Language:
Synopsis
The remote Synology DiskStation Manager is affected by a remote code execution vulnerability.Description
According to its version number, the Synology DiskStation Manager installed on the remote host is affected by a remote code execution vulnerability. The issue exists due to improper validation of values submitted in the 'X-TMP-FILE' header field along with the 'X-TYPE-NAME: SLICEUPLOAD' header field to the 'imageSelector.cgi' script.Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Upgrade to 4.0-2259 / 4.2-3243 / 4.3-3810 Update 1 or later, or contact the vendor.See Also
https://www.securityfocus.com/archive/1/531602/30/0/threaded
Plugin Details
Severity: Critical
ID: 72342
File Name: synology_dsm_4_2_3243.nasl
Version: 1.8
Type: remote
Family: CGI abuses
Published: 2/5/2014
Updated: 1/19/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.3
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:synology:diskstation_manager
Required KB Items: www/synology_dsm
Exploit Available: true
Exploit Ease: No exploit is required
Patch Publication Date: 12/19/2013
Vulnerability Publication Date: 1/7/2014
Exploitable With
Metasploit (Synology DiskStation Manager SLICEUPLOAD Remote Command Execution)
Reference Information
CVE: CVE-2013-6955
BID: 64516
CERT: 615910