Shodan
Vulnerabilities
Vulnerable Software
Synology:  >> Surveillance Station  Security Vulnerabilities
CVE-2024-47272
Incorrect authorization vulnerability in IO Module functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privileges to limited file write via unspecified vectors.
CVSS Score
2.7
EPSS Score
0.0
Published
2026-05-27
CVE-2024-47267
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Archiving Pull functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privileges to limited file write via unspecified vectors.
CVSS Score
2.7
EPSS Score
0.001
Published
2026-05-27
CVE-2024-47268
Missing authorization vulnerability in AddOns functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privileges to obtain sensitive information via unspecified vectors.
CVSS Score
4.9
EPSS Score
0.0
Published
2026-05-27
CVE-2024-47269
Cleartext transmission of sensitive information vulnerability in Export Key functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privileges to obtain sensitive information via unspecified vectors.
CVSS Score
4.9
EPSS Score
0.0
Published
2026-05-27
CVE-2024-47270
Improper preservation of permissions vulnerability in Archiving Push functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privileges to limited file write via unspecified vectors.
CVSS Score
2.7
EPSS Score
0.0
Published
2026-05-27
CVE-2024-47271
Insufficiently protected credentials vulnerability in IPSpeaker component in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privileges to obtain sensitive information via unspecified vectors.
CVSS Score
4.9
EPSS Score
0.0
Published
2026-05-27
CVE-2023-52944
Incorrect authorization vulnerability in ActionRule webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to perform limited actions on the set action rules function via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-12-04
CVE-2023-52943
Incorrect authorization vulnerability in Alert.Setting webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to to perform limited actions on the alerting function via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-12-04
CVE-2024-29241
Missing authorization vulnerability in System webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain non-sensitive information, write sensitive configurations in DSM, and reboot or shutdown NAS via unspecified vectors.
CVSS Score
9.9
EPSS Score
0.014
Published
2024-03-28
CVE-2024-29240
Missing authorization vulnerability in LayoutSave webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to conduct limited denial-of-service attacks via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.004
Published
2024-03-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved