
Attack: Synology Photo Station RCE

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to execute arbitrary commands and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials. Other attacks are also possible.

Additional Information

Synology Photo Station is an application for sharing your photos, videos, and blogs over the Internet.

Synology DiskStation Manager is prone to the following security vulnerabilities because it fails to properly sanitize user-supplied input:

1. Multiple cross-site scripting vulnerabilities affect the following scripts and parameters:

'login.php' : 'Success'
'index.php' : 'URL'

2. A command-injection vulnerability affects the 'description' parameter of the 'UpdateDescriptionMetadata()' function. An attacker can use this issue to compromise a Synology DiskStation NAS, including all data stored on the NAS.

Attackers may exploit these issues to execute arbitrary commands and execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials. Other attacks are also possible.

Synology Photo Station 6.2-2858 is vulnerable; other versions may also be affected.
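The two issue classes above can be checked for in proxy or WAF request records: the advisory names the 'Success' and 'URL' parameters as reflected-XSS sinks on 'login.php' and 'index.php', and the 'description' parameter as reaching a command line. The following is an added detection example, not Symantec's signature logic or Synology code; the sample requests are constructed, and the POST endpoint path is a placeholder because the advisory names the parameter but not its URL.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Script -> parameters the advisory names as reflected-XSS sinks.
XSS_PARAMS = {"login.php": {"success"}, "index.php": {"url"}}
# Parameter the advisory names as reaching a shell via UpdateDescriptionMetadata().
CMD_PARAM = "description"

# Markup that has no business in a status flag or redirect target.
XSS_PATTERN = re.compile(r"<|>|javascript:|\bon\w+\s*=", re.IGNORECASE)
# Shell metacharacters that let a description break out of a command line.
SHELL_META = re.compile(r"[;|&`]|\$\(|\n")


def inspect_request(method, target, body=""):
    """Return (rule, parameter, decoded_value) findings for one HTTP request.

    `target` is the request-target as a proxy/WAF sees it (path + query);
    `body` is a URL-encoded form body for POST requests. parse_qs decodes
    percent-encoding once, so the patterns run against decoded values.
    """
    parts = urlsplit(target)
    script = parts.path.rsplit("/", 1)[-1].lower()
    params = parse_qs(parts.query, keep_blank_values=True)
    if method.upper() == "POST" and body:
        for name, values in parse_qs(body, keep_blank_values=True).items():
            params.setdefault(name, []).extend(values)

    findings = []
    for name, values in params.items():
        key = name.lower()
        for value in values:
            if key in XSS_PARAMS.get(script, ()) and XSS_PATTERN.search(value):
                findings.append(("photostation-xss", name, value))
            if key == CMD_PARAM and SHELL_META.search(value):
                findings.append(("photostation-cmd-injection", name, value))
    return findings


# Constructed sample traffic (not captured from a real device). The POST path
# is a placeholder: the advisory names the parameter but not the endpoint URL.
SAMPLE_REQUESTS = [
    ("GET", "/photo/login.php?Success=1", ""),
    ("GET", "/photo/login.php?Success=%3Cscript%3Ealert(1)%3C%2Fscript%3E", ""),
    ("GET", "/photo/index.php?URL=%2Fphoto%2Falbum%2F2014", ""),
    ("POST", "/photo/PLACEHOLDER_ENDPOINT.php", "id=42&description=Dad%27s+boat"),
    ("POST", "/photo/PLACEHOLDER_ENDPOINT.php", "id=42&description=sunset%3Bid"),
]


def scan(requests=SAMPLE_REQUESTS):
    """Map request index -> findings; requests with no findings are omitted."""
    results = {}
    for i, req in enumerate(requests):
        hits = inspect_request(*req)
        if hits:
            results[i] = hits
    return results
```

Because parse_qs decodes only one layer of percent-encoding, a double-encoded value would slip past these patterns unless the decoding step is repeated or the rule is applied to the normalised value the application itself sees.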

Affected

  • Synology Photo Station

Response

Updates are available. Please see the references or vendor advisory for more information.