{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T15:40:16.479","vulnerabilities":[{"cve":{"id":"CVE-2022-27616","sourceIdentifier":"security@synology.com","published":"2022-08-03T02:15:07.613","lastModified":"2025-01-14T19:29:55.853","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in webapi component in Synology DiskStation Manager (DSM) before 7.0.1-42218-3 allows remote authenticated users to execute arbitrary commands via unspecified vectors."},{"lang":"es","value":"Una vulnerabilidad de neutralización inapropiada de los elementos especiales usados en un comando del Sistema Operativo (\"Inyección de Comandos del Sistema Operativo\") en el componente webapi en Synology DiskStation Manager (DSM) versiones anteriores a 7.0.1-42218-3, permite a usuarios remotos autenticados ejecutar comandos arbitrarios por medio de vectores no especificados"}],"metrics":{"cvssMetricV31":[{"source":"security@synology.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"security@synology.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:synology:diskstation_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.2.4-25556-5","matchCriteriaId":"43222A84-AA2B-4C84-BC6C-21603CA1C050"},{"vulnerable":true,"criteria":"cpe:2.3:o:synology:diskstation_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0","versionEndExcluding":"7.0.1-42218-3","matchCriteriaId":"E59872F9-087A-472A-90F6-423F9BB4012C"}]}]}],"references":[{"url":"https://www.synology.com/security/advisory/Synology_SA_22_03","source":"security@synology.com","tags":["Vendor Advisory"]},{"url":"https://www.synology.com/security/advisory/Synology_SA_22_03","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}