Synology Video Station — known CVE vulnerabilities
Every CVE whose affected-product data names Synology Video Station, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2015-6912 — CVSS 10.0 (critical): Synology Video Station before 1.5-0763 allows remote attackers to execute arbitrary shell commands via shell metacharacters in the…
CVE-2015-6910 — CVSS 7.5 (high): SQL injection vulnerability in Synology Video Station before 1.5-0757 allows remote attackers to execute arbitrary SQL commands via the id…
CVE-2015-6911 — CVSS 7.5 (high): SQL injection vulnerability in Synology Video Station before 1.5-0763 allows remote attackers to execute arbitrary SQL commands via the id…
CVE-2021-33181 — CVSS 6.6 (medium): Server-Side Request Forgery (SSRF) vulnerability in webapi component in Synology Video Station before 2.4.10-1632 allows remote…
CVE-2015-9105 — CVSS 5.4 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Synology Video Station 1.2 before 1.2-0455, 1.5 before 1.5-0772, and 1.6 before…
CVE-2017-9556 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in Video Metadata Editor in Synology Video Station before 2.3.0-1435 allows remote authenticated…