Security Advisory

CVE-2024-50631

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-19 05:50:08

Last updated 2025-03-19 14:37:54

Assigner synology

State PUBLISHED

Description

Improper neutralization of special elements used in an SQL command (SQL Injection) vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to inject SQL commands, limited to write operations, via unspecified vectors.

← Browse all CVEs View on cve.org ↗