Disclosure List

ProductTitleCVEAdvisoryReport
Synology - Surveillance StationArbitrary Picture DownloadCVE 2017-16770Synology SA-17:77Report
Synology - Photo StationPrivilege Escalation and CSRFCVE 2018-8925 CVE 2018-8926Synology SA-18:15Report
Synology - MomentsRoot command executionCVE 2019-11826Synology SA-19:05
Synology - CalendarUnauthenticated Command ExecutionCVE 2019-11829Synology SA-19:12
Synology - Safe AccessMultiple VulnerabilitiesCVE 2020-27659 CVE 2020-27660Synology SA-20:25Report
Synology SRMReset router with a user accountSynology SA-20:22
SoPlanningSharing Key BypassCVE 2020-25867Report
QNAP - VideoStationUser RCE as RootCVE 2021-28812QNAP QSA-21-21
QNAP - HelpdeskUser enable access to SSH as rootCVE 2021-28814QNAP QSA-21-25Report
Synology - File StationStored XSSCVE 2021-43929Synology SA-22:01
QNAP - VideoStationMultiple VulnerabilitiesCVE 2021-44055 CVE 2021-44056QNAP QSA-22-14Report
QNAP - PhotoStationApplication Privileges Checking BypassCVE 2021-44057QNAP QSA-22-15Report