Synology DiskStation Manager (DMS) versions prior to 6.1.3-15152 suffer from a forget_passwd.cgi user enumeration vulnerability.
badeff38c0b5be1a4c2359ece25657ca8c8f3d34316f5218270d5f7e18e562d5
The Microsoft IIS UrlScan module suffers from a bypass vulnerability.
54497e82b70415d781fcd57707a5cb05e7acb0d1698546f2269bbbfaf32e45ea