Safeaccess CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Synology Subscriptions

Filtered by product Safeaccess Subscriptions

Search

Switch to Advanced Search (Beta)

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-10466	1 Synology	3 Router Manager, Safe Access, Safeaccess	2026-06-02	5.9 Medium
Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Safe Access in Synology Safe Access before 1.3.1-0329 allows remote authenticated users with administrator privileges to read or write specific files containing non-sensitive information or conduct limited denial-of-service in SRM.
CVE-2020-27660	1 Synology	1 Safeaccess	2024-11-21	9.6 Critical
SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter.
CVE-2020-27659	1 Synology	1 Safeaccess	2024-11-21	8.4 High
Multiple cross-site scripting (XSS) vulnerabilities in Synology SafeAccess before 1.2.3-0234 allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) profile parameter.

Page 1 of 1.