Vulnerability Details CVE-2024-10441
Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allows remote attackers to execute arbitrary code via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.5%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2024-10441
-
cpe:2.3:o:synology:beestation_os:1.0
-
cpe:2.3:o:synology:beestation_os:1.0.1
-
cpe:2.3:o:synology:beestation_os:1.0.2
-
cpe:2.3:o:synology:beestation_os:1.1
-
cpe:2.3:o:synology:diskstation_manager:7.2
-
cpe:2.3:o:synology:diskstation_manager:7.2-64561
-
cpe:2.3:o:synology:diskstation_manager:7.2-64570
-
cpe:2.3:o:synology:diskstation_manager:7.2-64570-1
-
cpe:2.3:o:synology:diskstation_manager:7.2-64570-2
-
cpe:2.3:o:synology:diskstation_manager:7.2-64570-3
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057-1
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057-2
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057-3
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057-4
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057-5
-
cpe:2.3:o:synology:diskstation_manager:7.2.2
-
cpe:2.3:o:synology:diskstation_manager:7.2.2-72803
-
cpe:2.3:o:synology:diskstation_manager:7.2.2-72806