CVE-2021-27647

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Mar 12, 2021

Updated: Jan 14, 2025

CWE ID 125

Summary

CVE-2021-27647 is an Out-of-Bounds Read vulnerability affecting Synology DiskStation Manager (DSM) prior to version 6.2.3-25426-3. This issue allows remote attackers to execute arbitrary code by sending crafted web requests to the iscsi_snapshot_comm_core component. An Out-of-Bounds Read vulnerability occurs when a program reads memory outside of its designated area, potentially accessing unintended data or instructions. By exploiting this flaw, attackers can gain unauthorized control over the targeted system.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

DiskStation Manager

Affected Vendors

Synology

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/hk__AG
https://www.cve.org/CVERecord?id=CVE-2021-27647
https://nvd.nist.gov/vuln/detail/CVE-2021-27647

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners