Synology Active Backup For Business Agent — known CVE vulnerabilities
Every CVE whose affected-product data names Synology Active Backup For Business Agent, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2024-47265 — CVSS 6.5 (medium): Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in encrypted share umount functionality in…
CVE-2025-66592 — CVSS 6.1 (medium): An origin validation error vulnerability in Synology Active Backup for Business Agent before 3.1.0-4967 allows local users to write…
CVE-2023-52949 — CVSS 5.5 (medium): Missing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent…
CVE-2023-52950 — CVSS 5.3 (medium): Missing encryption of sensitive data vulnerability in login component in Synology Active Backup for Business Agent before 2.7.0-3221 allows…
CVE-2023-52948 — CVSS 5.0 (medium): Missing encryption of sensitive data vulnerability in settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221…
CVE-2024-47264 — CVSS 4.9 (medium): Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in agent-related functionality in Synology…
CVE-2023-52947 — CVSS 4.0 (medium): Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before…
CVE-2024-47266 — CVSS 2.7 (low): Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in share file list functionality in Synology…