Vulnerabilities related to Synology - Synology Photos
CVE-2024-10443 (GCVE-0-2024-10443)
Vulnerability from cvelistv5
Published
2024-11-15 10:23
Modified
2025-09-16 06:02
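Severity: 9.8 CRITICAL (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, as scored by the CNA in the record below)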
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology Photos before 1.6.2-0720 and 1.7.0-0795 allows remote attackers to execute arbitrary code via unspecified vectors.
References
| URL | Tags |
|---|---|
| https://www.synology.com/en-global/security/advisory/Synology_SA_24_18 | vendor-advisory |
| https://www.synology.com/en-global/security/advisory/Synology_SA_24_19 | vendor-advisory |
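Impacted products

| Vendor | Product | Version |
|---|---|---|
| Synology | BeePhotos | affected: before 1.0.2-10026; before 1.1.0-10053 |
| Synology | Synology Photos | affected: before 1.6.2-0720; before 1.7.0-0795 |

Note: the rows above are the CNA (Synology) entries from the record below. Each product carries two upper bounds, which appear to be the fixed versions of two separate release branches; confirm against the vendor advisories before deciding whether an installed version is affected. The CISA-ADP container in the same record lists a CPE for the product string `photo_station` with only the 1.6.2-0720 bound, so CPE-based scanners matching on that entry may not line up with the CNA's "Synology Photos" and "BeePhotos" ranges.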
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:synology:photo_station:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "photo_station", "vendor": "synology", "versions": [ { "lessThan": "1.6.2-0720", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-10443", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-15T17:35:15.333270Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-15T17:42:41.931Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "affected", "product": "BeePhotos", "vendor": "Synology", "versions": [ { "lessThan": "1.1.0-10053", "status": "affected", "version": "*", "versionType": "semver" }, { "lessThan": "1.0.2-10026", "status": "affected", "version": "*", "versionType": "semver" } ] }, { "defaultStatus": "affected", "product": "Synology Photos", "vendor": "Synology", "versions": [ { "lessThan": "1.7.0-0795", "status": "affected", "version": "*", "versionType": "semver" }, { "lessThan": "1.6.2-0720", "status": "affected", "version": "*", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "PHP Hooligans / Midnight Blue working with Trend Micro Zero Day Initiative" } ], "descriptions": [ { "lang": "en", "value": "Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027) vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology Photos before 1.6.2-0720 and 1.7.0-0795 allows remote attackers to execute arbitrary code via unspecified vectors." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-78", "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-09-16T06:02:16.158Z", "orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01", "shortName": "synology" }, "references": [ { "name": "Synology-SA-24:18 BeePhotos (PWN2OWN 2024)", "tags": [ "vendor-advisory" ], "url": "https://www.synology.com/en-global/security/advisory/Synology_SA_24_18" }, { "name": "Synology-SA-24:19 Synology Photos (PWN2OWN 2024)", "tags": [ "vendor-advisory" ], "url": "https://www.synology.com/en-global/security/advisory/Synology_SA_24_19" } ] } }, "cveMetadata": { "assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01", "assignerShortName": "synology", "cveId": "CVE-2024-10443", "datePublished": "2024-11-15T10:23:51.233Z", "dateReserved": "2024-10-28T02:34:40.599Z", "dateUpdated": "2025-09-16T06:02:16.158Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }