CVE-2024-29234

CVSS V2 None CVSS V3 None
Description
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Group.Save webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to inject SQL commands via unspecified vectors.
Overview
  • CVE ID
  • CVE-2024-29234
  • Assigner
  • synology
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-03-28T06:26:12.750Z
  • Last Modified Date
  • 2024-06-04T17:57:48.868Z
References
Reference URL Reference Tags
https://www.synology.com/en-global/security/advisory/Synology_SA_24_04 vendor-advisory
History
Created Old Value New Value Data Type Notes
2024-06-26 02:22:27 Added to TrackCVE