SQL Injection Vulnerability in Synology DiskStation Manager (DSM) Log Management Functionality

SQL Injection Vulnerability in Synology DiskStation Manager (DSM) Log Management Functionality

CVE-2021-43925 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Log Management functionality in Synology DiskStation Manager (DSM) before 7.0.1-42218-2 allows remote attackers to inject SQL commands via unspecified vectors.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.