Synology DSM versions 4.3-3827 and below suffer from a remote blind SQL injection vulnerability.
bac3d28f8c2130affcf2e2e800679a6e686cb21f15e1617359000c1ec96d3327
Synology DiskStation Manager (DMS) versions prior to 6.1.3-15152 suffer from a forget_passwd.cgi user enumeration vulnerability.
badeff38c0b5be1a4c2359ece25657ca8c8f3d34316f5218270d5f7e18e562d5
Synology DSM versions 4.3-3810 and below suffer from multiple directory traversal vulnerabilities.
baddc783cba3ba3012c1d9f37e58531b749662074b81d95266d64e6544b90e21
Synology DSM versions 4.3-3776 and below suffer from remote file download, content disclosure, cross site scripting, and command injection vulnerabilities.
a560d69710d4ba76ec357f35a153ec6e0a5247b97ea46b2af3a6d6381872a32a