Synology-SA-25:04 SRM
Publish Time: UTC+8
Last Updated: UTC+8
- Severity
- Moderate
- Status
- Resolved
Abstract
Multiple vulnerabilities allow remote authenticated users to read or write non-sensitive files.
Affected Products
| Product | Severity | Fixed Release Availability |
|---|---|---|
| SRM 1.3 | Moderate | Upgrade to 1.3.1-9346-13 or above. |
Mitigation
None
Detail
CVE-2025-29843
- Severity: Moderate
- CVSS3 Base Score: 5.4
- CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- A vulnerability in FileStation thumb cgi allows remote authenticated users to read/write image files.
CVE-2025-29844
- Severity: Moderate
- CVSS3 Base Score: 4.3
- CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- A vulnerability in FileStation file cgi allows remote authenticated users to read file metadata and path information.
CVE-2025-29845
- Severity: Moderate
- CVSS3 Base Score: 4.3
- CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- A vulnerability in VideoPlayer2 subtitle cgi allows remote authenticated users to read .srt files.
CVE-2025-29846
- Severity: Moderate
- CVSS3 Base Score: 7.2
- CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- A vulnerability in portenable cgi allows remote authenticated users to get the status of installed packages.
Acknowledgement
Qian Chen (@cq674350529) from Codesafe Team of Legendsec at QI-ANXIN Group
Reference
Revision
| Revision | Date | Description |
|---|---|---|
| 1 | 2025-03-14 | Initial public release. |
| 2 | 2025-12-04 | Disclosed vulnerability details. |