Important Information Regarding PHP Vulnerability (CVE-2016-7124)
A security vulnerability regarding PHP (CVE-2016-7124) has been identified where remote attackers can perform different kinds of malicious attacks or have other unspecified impacts via object injection.
To fix the security issue, please go to DSM > Package Center and update the following packages to the latest version to protect your Synology NAS from malicious attacks:
- PHP 5.6
- PHP 7.0
Synology will provide the latest version of the following packages in Package Center.
- Available from December 2:
- PHP 5.6.28
- PHP 7.0.13
- Available from December 5:
- phpMyAdmin 4.6.5
- SugarCRM 6.5.24