cvelistv5 - cve-2021-26567

CVE-2021-26567 (GCVE-0-2021-26567)

Vulnerability from cvelistv5 – Published: 2021-02-26 21:45 – Updated: 2024-09-16 19:56

Summary

Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options.

Severity ?

No CVSS data available.

CWE

CWE-121 - Stack-based Buffer Overflow

Assigner

synology

References

URL

Tags

	https://www.synology.com/security/advisory/Synolo…	x_refsource_CONFIRM
	https://github.com/knik0/faad2/commit/720f7004d6c…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	github/knik0	faad2	Affected: unspecified , < 2.2.7.1 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:26:25.524Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/security/advisory/Synology_SA_20_26"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "faad2",
          "vendor": "github/knik0",
          "versions": [
            {
              "lessThan": "2.2.7.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-02-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121: Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-12T13:40:10",
        "orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
        "shortName": "synology"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/security/advisory/Synology_SA_20_26"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@synology.com",
          "DATE_PUBLIC": "2021-02-26T00:00:00",
          "ID": "CVE-2021-26567",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "faad2",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "2.2.7.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "github/knik0"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-121: Stack-based Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.synology.com/security/advisory/Synology_SA_20_26",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/security/advisory/Synology_SA_20_26"
            },
            {
              "name": "https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa",
              "refsource": "MISC",
              "url": "https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
    "assignerShortName": "synology",
    "cveId": "CVE-2021-26567",
    "datePublished": "2021-02-26T21:45:35.788553Z",
    "dateReserved": "2021-02-02T00:00:00",
    "dateUpdated": "2024-09-16T19:56:15.211Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"6.2.3-25426-3\", \"matchCriteriaId\": \"D3A47DA1-91A8-408B-9985-59C64DFF81DC\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D0C5120-B961-440F-B454-584BC54B549C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1CCBDFF9-AF42-4681-879B-CF789EBAD130\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:synology:skynas_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53EF087B-D7E9-4F9A-803A-B0260C495C67\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:synology:skynas:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0A88A76-CF8A-4D29-B480-E5317219072D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:synology:diskstation_manager_unified_controller:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B04366E-B5F8-4835-B1FB-106AFD3D3785\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:synology:uc3200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1100D972-198E-45F9-8F04-763F6FE88377\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:faad2_project:faad2:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.2.7.1\", \"matchCriteriaId\": \"201E5CDD-7F7D-44BB-80F8-C23DF44C2AAC\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options.\"}, {\"lang\": \"es\", \"value\": \"La vulnerabilidad de desbordamiento de b\\u00fafer basada en la pila en frontend/main.c en faad2 versiones anteriores a 2.2.7.1 permite a los atacantes locales ejecutar c\\u00f3digo arbitrario a trav\\u00e9s de las opciones de nombre de archivo y ruta.\"}]",
      "id": "CVE-2021-26567",
      "lastModified": "2024-11-21T05:56:29.997",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:P/A:P\", \"baseScore\": 6.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-02-26T22:15:20.707",
      "references": "[{\"url\": \"https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa\", \"source\": \"security@synology.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://www.synology.com/security/advisory/Synology_SA_20_26\", \"source\": \"security@synology.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://www.synology.com/security/advisory/Synology_SA_20_26\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@synology.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security@synology.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-121\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-26567\",\"sourceIdentifier\":\"security@synology.com\",\"published\":\"2021-02-26T22:15:20.707\",\"lastModified\":\"2025-01-14T19:29:55.853\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options.\"},{\"lang\":\"es\",\"value\":\"La vulnerabilidad de desbordamiento de b\u00fafer basada en la pila en frontend/main.c en faad2 versiones anteriores a 2.2.7.1 permite a los atacantes locales ejecutar c\u00f3digo arbitrario a trav\u00e9s de las opciones de nombre de archivo y ruta.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@synology.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-121\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:synology:diskstation_manager:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.2.3-25426-3\",\"matchCriteriaId\":\"1628C07C-CCA7-463C-AA98-BF86C97B0D58\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D0C5120-B961-440F-B454-584BC54B549C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CCBDFF9-AF42-4681-879B-CF789EBAD130\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:synology:skynas_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53EF087B-D7E9-4F9A-803A-B0260C495C67\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:synology:skynas:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0A88A76-CF8A-4D29-B480-E5317219072D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:synology:diskstation_manager_unified_controller:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B04366E-B5F8-4835-B1FB-106AFD3D3785\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:synology:uc3200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1100D972-198E-45F9-8F04-763F6FE88377\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:faad2_project:faad2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.2.7.1\",\"matchCriteriaId\":\"201E5CDD-7F7D-44BB-80F8-C23DF44C2AAC\"}]}]}],\"references\":[{\"url\":\"https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa\",\"source\":\"security@synology.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://www.synology.com/security/advisory/Synology_SA_20_26\",\"source\":\"security@synology.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://www.synology.com/security/advisory/Synology_SA_20_26\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

GHSA-F4PX-MF48-4H8C

Vulnerability from github – Published: 2022-05-24 17:43 – Updated: 2023-06-26 21:30

Details

Use of unmaintained third party components vulnerability in faad in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote authenticated users to execute arbitrary code via a crafted file path.

Severity ?

7.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-26567"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-121",
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-02-26T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "Use of unmaintained third party components vulnerability in faad in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote authenticated users to execute arbitrary code via a crafted file path.",
  "id": "GHSA-f4px-mf48-4h8c",
  "modified": "2023-06-26T21:30:51Z",
  "published": "2022-05-24T17:43:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26567"
    },
    {
      "type": "WEB",
      "url": "https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa"
    },
    {
      "type": "WEB",
      "url": "https://www.synology.com/security/advisory/Synology_SA_20_26"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

VAR-202102-1231

Vulnerability from variot - Updated: 2023-12-18 12:35

Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options. faad2 Contains an unspecified vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Synology DiskStation Manager (DSM) is an operating system for network storage servers (NAS) developed by Synology, Taiwan. The operating system can manage data, documents, photos, music and other information

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202102-1231",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "skynas",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "synology",
        "version": null
      },
      {
        "model": "vs960hd",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "synology",
        "version": null
      },
      {
        "model": "diskstation manager",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "synology",
        "version": "6.2.3-25426-3"
      },
      {
        "model": "faad2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "faad2",
        "version": "2.2.7.1"
      },
      {
        "model": "diskstation manager unified controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "synology",
        "version": "3.0"
      },
      {
        "model": "diskstation manager",
        "scope": null,
        "trust": 0.8,
        "vendor": "synology",
        "version": null
      },
      {
        "model": "diskstation manager unified controller",
        "scope": null,
        "trust": 0.8,
        "vendor": "synology",
        "version": null
      },
      {
        "model": "skynas",
        "scope": null,
        "trust": 0.8,
        "vendor": "synology",
        "version": null
      },
      {
        "model": "vs960hd",
        "scope": null,
        "trust": 0.8,
        "vendor": "synology",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-004180"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-26567"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.2.3-25426-3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:synology:skynas_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:synology:skynas:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:synology:diskstation_manager_unified_controller:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:synology:uc3200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:faad2_project:faad2:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.2.7.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-26567"
      }
    ]
  },
  "cve": "CVE-2021-26567",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "Single",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 6.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2021-26567",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "VHN-385708",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2021-26567",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2021-26567",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202102-1702",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-385708",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-385708"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-004180"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-26567"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-1702"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options. faad2 Contains an unspecified vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Synology DiskStation Manager (DSM) is an operating system for network storage servers (NAS) developed by Synology, Taiwan. The operating system can manage data, documents, photos, music and other information",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-26567"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-004180"
      },
      {
        "db": "VULHUB",
        "id": "VHN-385708"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-26567",
        "trust": 2.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-004180",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-1702",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-385708",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-385708"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-004180"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-26567"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-1702"
      }
    ]
  },
  "id": "VAR-202102-1231",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-385708"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:35:09.234000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Synology-SA-20",
        "trust": 0.8,
        "url": "https://www.synology.com/security/advisory/synology_sa_20_26"
      },
      {
        "title": "Synology DiskStation Manager Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=142938"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-004180"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-1702"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-787",
        "trust": 1.0
      },
      {
        "problemtype": "Other (CWE-Other) [NVD Evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-004180"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-26567"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa"
      },
      {
        "trust": 1.7,
        "url": "https://www.synology.com/security/advisory/synology_sa_20_26"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-26567"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-385708"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-004180"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-26567"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-1702"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-385708"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-004180"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-26567"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-1702"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-02-26T00:00:00",
        "db": "VULHUB",
        "id": "VHN-385708"
      },
      {
        "date": "2021-11-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-004180"
      },
      {
        "date": "2021-02-26T22:15:20.707000",
        "db": "NVD",
        "id": "CVE-2021-26567"
      },
      {
        "date": "2021-02-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202102-1702"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-03-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-385708"
      },
      {
        "date": "2021-11-16T06:39:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-004180"
      },
      {
        "date": "2023-06-26T19:20:46.277000",
        "db": "NVD",
        "id": "CVE-2021-26567"
      },
      {
        "date": "2023-06-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202102-1702"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-1702"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "faad2\u00a0 Vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-004180"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202102-1702"
      }
    ],
    "trust": 0.6
  }
}

CNVD-2021-13681

Vulnerability from cnvd - Published: 2021-03-02

Title

Synology DiskStation Manager使用未维护第三方组件漏洞

Description

Synology DiskStation Manager（DSM）是中国台湾群晖科技（Synology）公司的一套用于网络储存服务器（NAS）上的操作系统。该操作系统可管理资料、文件、照片、音乐等信息。 Synology DiskStation Manager 6.2.3-25426-3之前版本中的faad存在安全漏洞。远程认证用户可通过特制文件路径利用该漏洞执行任意代码。

Severity

高

Patch Name

Synology DiskStation Manager使用未维护第三方组件漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.synology.com/en-global/security/advisory/Synology_SA_20_26

Reference

https://nvd.nist.gov/vuln/detail/CVE-2021-26567

Impacted products

Name
Synology DiskStation Manager <6.2.3-25426-3

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-26567",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-26567"
    }
  },
  "description": "Synology DiskStation Manager\uff08DSM\uff09\u662f\u4e2d\u56fd\u53f0\u6e7e\u7fa4\u6656\u79d1\u6280\uff08Synology\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u7f51\u7edc\u50a8\u5b58\u670d\u52a1\u5668\uff08NAS\uff09\u4e0a\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\u8be5\u64cd\u4f5c\u7cfb\u7edf\u53ef\u7ba1\u7406\u8d44\u6599\u3001\u6587\u4ef6\u3001\u7167\u7247\u3001\u97f3\u4e50\u7b49\u4fe1\u606f\u3002\n\nSynology DiskStation Manager 6.2.3-25426-3\u4e4b\u524d\u7248\u672c\u4e2d\u7684faad\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u8ba4\u8bc1\u7528\u6237\u53ef\u901a\u8fc7\u7279\u5236\u6587\u4ef6\u8def\u5f84\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.synology.com/en-global/security/advisory/Synology_SA_20_26",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-13681",
  "openTime": "2021-03-02",
  "patchDescription": "Synology DiskStation Manager\uff08DSM\uff09\u662f\u4e2d\u56fd\u53f0\u6e7e\u7fa4\u6656\u79d1\u6280\uff08Synology\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u7f51\u7edc\u50a8\u5b58\u670d\u52a1\u5668\uff08NAS\uff09\u4e0a\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\u8be5\u64cd\u4f5c\u7cfb\u7edf\u53ef\u7ba1\u7406\u8d44\u6599\u3001\u6587\u4ef6\u3001\u7167\u7247\u3001\u97f3\u4e50\u7b49\u4fe1\u606f\u3002\r\n\r\nSynology DiskStation Manager 6.2.3-25426-3\u4e4b\u524d\u7248\u672c\u4e2d\u7684faad\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u8ba4\u8bc1\u7528\u6237\u53ef\u901a\u8fc7\u7279\u5236\u6587\u4ef6\u8def\u5f84\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Synology DiskStation Manager\u4f7f\u7528\u672a\u7ef4\u62a4\u7b2c\u4e09\u65b9\u7ec4\u4ef6\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Synology DiskStation Manager \u003c6.2.3-25426-3"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-26567",
  "serverity": "\u9ad8",
  "submitTime": "2021-03-01",
  "title": "Synology DiskStation Manager\u4f7f\u7528\u672a\u7ef4\u62a4\u7b2c\u4e09\u65b9\u7ec4\u4ef6\u6f0f\u6d1e"
}

GSD-2021-26567

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options.

Aliases

CVE-2021-26567

Aliases

CVE-2021-26567

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-26567",
    "description": "Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options.",
    "id": "GSD-2021-26567"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-26567"
      ],
      "details": "Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options.",
      "id": "GSD-2021-26567",
      "modified": "2023-12-13T01:23:33.635218Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@synology.com",
        "DATE_PUBLIC": "2021-02-26T00:00:00",
        "ID": "CVE-2021-26567",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "faad2",
                    "version": {
                      "version_data": [
                        {
                          "affected": "\u003c",
                          "version_value": "2.2.7.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "github/knik0"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-121: Stack-based Buffer Overflow"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.synology.com/security/advisory/Synology_SA_20_26",
            "refsource": "CONFIRM",
            "url": "https://www.synology.com/security/advisory/Synology_SA_20_26"
          },
          {
            "name": "https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa",
            "refsource": "MISC",
            "url": "https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.2.3-25426-3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:synology:skynas_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:synology:skynas:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:synology:diskstation_manager_unified_controller:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:synology:uc3200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:faad2_project:faad2:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.2.7.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@synology.com",
          "ID": "CVE-2021-26567"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.synology.com/security/advisory/Synology_SA_20_26",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.synology.com/security/advisory/Synology_SA_20_26"
            },
            {
              "name": "https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa",
              "refsource": "MISC",
              "tags": [
                "Patch"
              ],
              "url": "https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-06-26T19:20Z",
      "publishedDate": "2021-02-26T22:15Z"
    }
  }
}

FKIE_CVE-2021-26567

Vulnerability from fkie_nvd - Published: 2021-02-26 22:15 - Updated: 2025-01-14 19:29

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options.

References

URL	Tags
security@synology.com	https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa	Patch
security@synology.com	https://www.synology.com/security/advisory/Synology_SA_20_26	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa	Patch
af854a3a-2127-422b-91ae-364da2661108	https://www.synology.com/security/advisory/Synology_SA_20_26	Vendor Advisory

Impacted products

Vendor	Product	Version
synology	diskstation_manager	*
synology	vs960hd_firmware	-
synology	vs960hd	-
synology	skynas_firmware	-
synology	skynas	-
synology	diskstation_manager_unified_controller	3.0
synology	uc3200	-
faad2_project	faad2	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:synology:diskstation_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1628C07C-CCA7-463C-AA98-BF86C97B0D58",
              "versionEndExcluding": "6.2.3-25426-3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D0C5120-B961-440F-B454-584BC54B549C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CCBDFF9-AF42-4681-879B-CF789EBAD130",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:synology:skynas_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53EF087B-D7E9-4F9A-803A-B0260C495C67",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:synology:skynas:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0A88A76-CF8A-4D29-B480-E5317219072D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:synology:diskstation_manager_unified_controller:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B04366E-B5F8-4835-B1FB-106AFD3D3785",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:synology:uc3200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1100D972-198E-45F9-8F04-763F6FE88377",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:faad2_project:faad2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "201E5CDD-7F7D-44BB-80F8-C23DF44C2AAC",
              "versionEndExcluding": "2.2.7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options."
    },
    {
      "lang": "es",
      "value": "La vulnerabilidad de desbordamiento de b\u00fafer basada en la pila en frontend/main.c en faad2 versiones anteriores a 2.2.7.1 permite a los atacantes locales ejecutar c\u00f3digo arbitrario a trav\u00e9s de las opciones de nombre de archivo y ruta."
    }
  ],
  "id": "CVE-2021-26567",
  "lastModified": "2025-01-14T19:29:55.853",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-02-26T22:15:20.707",
  "references": [
    {
      "source": "security@synology.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa"
    },
    {
      "source": "security@synology.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.synology.com/security/advisory/Synology_SA_20_26"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.synology.com/security/advisory/Synology_SA_20_26"
    }
  ],
  "sourceIdentifier": "security@synology.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "security@synology.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-26567 (GCVE-0-2021-26567)

GHSA-F4PX-MF48-4H8C

VAR-202102-1231

CNVD-2021-13681

GSD-2021-26567

FKIE_CVE-2021-26567

Tags

Sightings

Nomenclature