distance QNAP announced new vulnerabilities last weekSynology is now also reporting several vulnerabilities in its Router Manager (SRM). Users should update to SRM 1.3-9193 immediately. The vulnerability is listed under the name Synology-SA-22:07 SRM. Attackers can, among other things, perform SQL injections using an authenticated remote user. This means that the device can be completely hacked.
Discovered at the end of April 2022 and managed under Synology-SA-22 ID: 06 Netatalk, the vulnerability has so far been only discovered in DiskStation Manager (DSM) version 7.1. Here users need to update to version 7.1-42661-1 or later. Work on patching DSM 7.0 and 6.2 is currently ongoing. Additionally, the security update for VS Firmware 2.3 and SRM 1.2 is still pending. A complete overview of all current vulnerabilities can be found here.
As always, when you turn on the NAS, the device must not be connected to the Internet directly. If possible, it is recommended not to allow access to the NAS over the Internet. Firmware updates can also be performed offline.
“Social media evangelist. Baconaholic. Devoted reader. Twitter scholar. Avid coffee trailblazer.”
More Stories
Galaxy Z Fold 8 Ultra Leaks Reveal Samsung’s New Foldable Strategy for 2026
Gmail Storage Test Could Reduce Free Space for New Accounts to 5GB
Google’s Gemini Intelligence Features May Leave Many Recent Android Phones Behind