Back to Advisories
🔔 CVE Advisory

Synology Default Package Post-Auth SQL Injection leads to RCE

Synology Package

Synology Default Package Post-Auth SQL Injection leads to RCE Confirmed from vendor, waiting for CVE

Year 2025
Published October 1, 2025

Advisory Information

Affected Product Synology Package
Title Synology Default Package Post-Auth SQL Injection leads to RCE
Description

Synology Default Package Post-Auth SQL Injection leads to RCE Confirmed from vendor, waiting for CVE

Year 2025
Published Date October 1, 2025
View Full CVE Advisory (CVE.org)

Affected Vendors

S
Synology

Research Team

Nguyen Ba Nam Dung
Nguyen Ba Nam Dung
Researcher