Vulnerability Details CVE-2025-1021
Missing authorization vulnerability in synocopy in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3 allows remote attackers to read arbitrary files via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.4%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2025-1021
-
cpe:2.3:o:synology:diskstation_manager:7.1
-
cpe:2.3:o:synology:diskstation_manager:7.1-42661
-
cpe:2.3:o:synology:diskstation_manager:7.1-42661-1
-
cpe:2.3:o:synology:diskstation_manager:7.1-42661-2
-
cpe:2.3:o:synology:diskstation_manager:7.1-42661-3
-
cpe:2.3:o:synology:diskstation_manager:7.1-42661-4
-
cpe:2.3:o:synology:diskstation_manager:7.1.1-42962
-
cpe:2.3:o:synology:diskstation_manager:7.1.1-42962-1
-
cpe:2.3:o:synology:diskstation_manager:7.1.1-42962-2
-
cpe:2.3:o:synology:diskstation_manager:7.1.1-42962-3
-
cpe:2.3:o:synology:diskstation_manager:7.1.1-42962-4
-
cpe:2.3:o:synology:diskstation_manager:7.1.1-42962-5
-
cpe:2.3:o:synology:diskstation_manager:7.1.1-42962-6
-
cpe:2.3:o:synology:diskstation_manager:7.1.1-42962-7
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057-1
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057-2
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057-3
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057-4
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057-5
-
cpe:2.3:o:synology:diskstation_manager:7.2.1-69057-6
-
cpe:2.3:o:synology:diskstation_manager:7.2.2
-
cpe:2.3:o:synology:diskstation_manager:7.2.2-72803
-
cpe:2.3:o:synology:diskstation_manager:7.2.2-72806
-
cpe:2.3:o:synology:diskstation_manager:7.2.2-72806-1
-
cpe:2.3:o:synology:diskstation_manager:7.2.2-72806-2