Important Information Regarding PHP 7.0 Vulnerability (CVE-2017-5340)

Publish Time: 2017-01-23 00:00:00 UTC+8

Last Updated: 2017-01-23 12:00:00 UTC+8

Severity: Important

Status: Resolved

Description

A security vulnerability regarding PHP (CVE-2017-5340) has been identified which allows remote attackers to execute arbitrary code or cause a denial of service via object injection.

Severity

Important

Update Availability

To fix the security issues, please go to DSM > Package Center, install the latest version 7.0.15-0019 of PHP 7.0 to protect your Synology NAS from malicious attacks.

References

https://bugs.php.net/bug.php?id=73832
https://security.archlinux.org/CVE-2017-5340
https://cxsecurity.com/cveshow/CVE-2017-5340