Synology Beestation Os vulnerabilities
4 known vulnerabilities affecting synology/beestation_os.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-12686P3CRITICALCVSS 9.8≥ 1.0, < 1.3.2≥ 1.3, < 1.3.2-65648+3 more2026-05-27
CVE-2025-12686 [CRITICAL] CWE-120 CVE-2025-12686: Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in AdminCenter
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in AdminCenter in Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2024-10441P3CRITICALCVSS 9.8v1.0v1.0.1+4 more2025-03-19
CVE-2024-10441 [CRITICAL] CWE-116 CVE-2024-10441: Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeSta
Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allows remote attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2024-50629P3MEDIUMCVSS 5.3v1.0v1.0.1+4 more2025-03-19
CVE-2024-50629 [MEDIUM] CWE-116 CVE-2024-50629: Improper encoding or escaping of output vulnerability in the webapi component in Synology BeeStation
Improper encoding or escaping of output vulnerability in the webapi component in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allow remote attackers to read limited files via unspecified vectors.
nvd
CVE-2024-10445P4MEDIUMCVSS 5.3v1.0v1.0.1+4 more2025-03-19
CVE-2024-10445 [MEDIUM] CWE-295 CVE-2024-10445: Improper certificate validation vulnerability in the update functionality in Synology BeeStation OS
Improper certificate validation vulnerability in the update functionality in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allow remote attackers to write limited files via unspecified vectors.
nvd