CVE-2024-10441

Published Mar 19, 2025

Last updated a month ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2024-10441 is a vulnerability affecting Synology BeeStation Manager (BSM) and Synology DiskStation Manager (DSM). Specifically, it involves an improper encoding or escaping of output within the system plugin daemon. This vulnerability allows remote attackers to execute arbitrary code through unspecified vectors. The affected products are Synology BeeStation Manager (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1.

Description: Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allows remote attackers to execute arbitrary code via unspecified vectors.
Source: security@synology.com
NVD status: Analyzed
Products: beestation_os, diskstation_manager

Risk scores

CVSS 3.1

Type: Secondary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

security@synology.com
CWE-116

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

9

  1. 🚨 TrustWallet Hacker Infrastructure Discovered A hacked Synology NAS running DSM 6.2.4 is likely vulnerable to RCE (CVE-2024-10441) IOCs: metrics-trustwallet[.]com 138.124.70[.]40 141.224.241[.]45 At https://t.co/MUdaGoASoS, we track when Web2 is weaponized in Web3 attacks

    @chainaraio

    26 Dec 2025

    5310 Impressions

    2 Retweets

    7 Likes

    0 Bookmarks

    2 Replies

    1 Quote

  2. Critical Synology vulnerability allows attackers to execute arbitrary code remotely Synology’s DiskStation Manager (DSM) CVE-2024-10441 https://t.co/b5gMuifh3w… https://t.co/bBFgSKh8vf

    @doncaptador

    22 Mar 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Critical Synology vulnerability allows attackers to execute arbitrary code remotely Synology’s DiskStation Manager (DSM) CVE-2024-10441 https://t.co/ViBiT4wIOy https://t.co/cOjBKmYeTx

    @elhackernet

    21 Mar 2025

    6000 Impressions

    24 Retweets

    80 Likes

    17 Bookmarks

    0 Replies

    1 Quote

  4. Warning: Attackers can exploit critical vulnerability CVE-2024-10441 (CVSS 9.8) in various versions of #Synology BeeStation Manager (BSM), DiskStation Manager (DSM), and Unified Controller (DSMUC) to execute remote code. Advisory available at: https://t.co/rGH7G44zhX #Patch #Patch

    @CCBalert

    19 Mar 2025

    109 Impressions

    2 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2024-10441 (CVSS 9.8): Synology Patches Critical Code Execution Flaw A severe remote code execution vulnerability in multiple Synology products has been patched to prevent exploitation. https://t.co/aoSpqQFNZ3 #Cybersecurity #RCE #SynologySecurity

    @adriananglin

    19 Mar 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. CVE-2024-10441 Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeStation Manager (BSM) before 1.1-65374, Synology DiskStation Manager … https://t.co/VKENG8plrb

    @CVEnew

    19 Mar 2025

    503 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. [CVE-2024-10441: CRITICAL] Vulnerabilities in Synology DSM & BSM can expose systems to remote code execution via unescaped output. Update to DSM 6.2.4-25556-8 or later to mitigate risks. #cybersecurity, #vulnerability https://t.co/owu5TcLyKb https://t.co/d6unXLv6rF

    @CveFindCom

    19 Mar 2025

    51 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations