CVE-2024-4464
EUVD-2024-4455918.12.2024, 06:15
Authorization bypass through user-controlled key vulnerability in streaming service in Synology Media Server before 1.4-2680, 2.0.5-3152 and 2.2.0-3325 allows remote attackers to read specific files via unspecified vectors.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| synology | media_server | 𝑥 < 1.4-2680 |
| synology | media_server | 2.0.0-11050 ≤ 𝑥 < 2.0.5-3152 |
| synology | media_server | 2.2.0-3324 ≤ 𝑥 < 2.2.0-3325 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration