Improper neutralization of special elements used in a command ('Command Injection') vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology Photos before 1.6.2-0720 and 1.7.0-0795 allows remote attackers to execute arbitrary code via unspecified vectors.
Metrics
Affected Vendors & Products
References
History
Fri, 13 Dec 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:synology:photos:*:*:*:*:*:*:*:* |
cpe:2.3:a:synology:beephotos:*:*:*:*:*:beestation_os:*:* cpe:2.3:a:synology:diskstation_manager:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:synology:photos:*:*:*:*:*:diskstation_manager:*:* |
Tue, 19 Nov 2024 19:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Synology beephotos
Synology beestation Os Synology diskstation Manager Synology photos |
|
CPEs | cpe:2.3:a:synology:beephotos:*:*:*:*:*:*:*:* cpe:2.3:a:synology:diskstation_manager:7.2:*:*:*:*:*:*:* cpe:2.3:a:synology:photos:*:*:*:*:*:*:*:* cpe:2.3:o:synology:beestation_os:1.0:*:*:*:*:*:*:* cpe:2.3:o:synology:beestation_os:1.1:*:*:*:*:*:*:* |
|
Vendors & Products |
Synology beephotos
Synology beestation Os Synology diskstation Manager Synology photos |
Fri, 15 Nov 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Synology
Synology photo Station |
|
CPEs | cpe:2.3:a:synology:photo_station:*:*:*:*:*:*:*:* | |
Vendors & Products |
Synology
Synology photo Station |
|
Metrics |
ssvc
|
Fri, 15 Nov 2024 10:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Improper neutralization of special elements used in a command ('Command Injection') vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology Photos before 1.6.2-0720 and 1.7.0-0795 allows remote attackers to execute arbitrary code via unspecified vectors. | |
Weaknesses | CWE-77 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: synology
Published: 2024-11-15T10:23:51.233Z
Updated: 2024-11-15T17:42:41.931Z
Reserved: 2024-10-28T02:34:40.599Z
Link: CVE-2024-10443
Vulnrichment
Updated: 2024-11-15T17:42:07.286Z
NVD
Status : Analyzed
Published: 2024-11-15T11:15:09.750
Modified: 2024-12-13T16:13:38.183
Link: CVE-2024-10443
Redhat
No data.