CVE-2021-29089

Publication date

2021-06-02 02:15:10

Family

synology

State

PUBLISHED

Description

Improper neutralization of special elements used in an SQL command (SQL Injection) vulnerability in thumbnail component in Synology Photo Station before 6.8.14-3500 allows remote attackers users to execute arbitrary SQL commands via unspecified vectors.