Synology DiskStation Manager
Moderate fix2 remedies
cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*, +1 more
Moderate fix2 remedies
- < 7.2.1-69057-2
- < 7.2.2-72806
Synology DiskStation Manager and Unified Controller Out-of-Bounds Write Vulnerability Leading to Denial-of-Service
Vulnerability
Patched
An out-of-bounds write vulnerability has been identified in the CGI components of Synology DiskStation Manager (DSM) versions prior to 7.2.1-69057-2 and 7.2.2-72806, as well as in Synology Unified Controller (DSMUC) versions prior to 3.1.4-23079. This vulnerability allows remote attackers to conduct denial-of-service attacks via unspecified vectors.
Impact
Exploitation of this vulnerability can lead to denial-of-service conditions, causing the system to become unresponsive or unavailable.
Remediation
Users can upgrade to Synology DiskStation Manager (DSM) 7.2.2-72806 or above, or DSM 7.2.1-69057-2 or above. For Synology Unified Controller (DSMUC), users should upgrade to version 3.1.4-23079 or above.
Added: Dec 4, 2025, 3:32 PM
Updated: Dec 4, 2025, 6:25 PM
Vulnerability Rating
Custom Algorithm
spread
8.1impact
2.5exploitability
7.0remediation
7.7relevance
1.3threat
0.0urgency
2.9incentive
5.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.