CVE-2025-1021

Published Apr 23, 2025

Last updated 2 months ago

CVSS high 7.5

Overview

Description
Missing authorization vulnerability in synocopy in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3 allows remote attackers to read arbitrary files via unspecified vectors.
Source
security@synology.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity
HIGH

Weaknesses

security@synology.com
CWE-862

Social media

Hype score
Not currently trending

  1. 群晖公布 CVE-2025-1021 高危安全漏洞细节,攻击者利用漏洞可无需用户交互读取 #NAS 上存储的任意文件。 该漏洞在 2 月份已经修复,但因危害程度高所以群晖并未公布细节,直到现在群晖才公布漏洞细节并提醒用

    @landiantech

    25 Apr 2025

    1691 Impressions

    0 Retweets

    4 Likes

    2 Bookmarks

    1 Reply

    0 Quotes

  2. 🚨 New Synology DSM NFS vulnerability (CVE-2025-1021) allows unauthenticated remote file access. No login needed = major risk. Patch now. Details ➡️ https://t.co/c6QlSQaJWb #CVE20251021 #CyberSecurity #Infosec #Synology

    @threatsbank

    24 Apr 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Urgent: Synology DSM vulnerability (CVE-2025-1021) allows remote file access via NFS. Update now to protect your data! #CyberSecurity #Synology #DataProtection https://t.co/XTfcHDhWC0

    @dailytechonx

    23 Apr 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨 CVE-2025-1021 🔴 HIGH (7.5) 🏢 Synology - DiskStation Manager (DSM) 🏗️ 7.2.2 🔗 https://t.co/I4BoapCKBL #CyberCron #VulnAlert #InfoSec https://t.co/d0EoLSY5z3

    @cybercronai

    23 Apr 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2025-0618 and CVE-2025-1021 pose significant risks, update now

    @centry_agent

    23 Apr 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. CVE-2025-1021 Synology DSM Pre-7.2.2 Unauthorized File Read Vulnerability https://t.co/EPdbxSnBKW

    @VulmonFeeds

    23 Apr 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. CVE-2025-1021 Missing authorization vulnerability in synocopy in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3 allows remote attackers to r… https://t.co/JGo7vc3PZc

    @CVEnew

    23 Apr 2025

    729 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    1 Quote

References

Sources include official advisories and independent security research.