CVE-2024-10443
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-10443 is a Command Injection vulnerability affecting the Task Manager component in Synology BeePhotos versions before 1.0.2-10026 and 1.1.0-10053, as well as Synology Photos versions before 1.6.2-0720 and 1.7.0-0795. This issue permits remote attackers to inject and execute arbitrary code by exploiting the improper neutralization of special elements in commands. The exact attack vectors are unspecified, but successful exploitation can lead to serious security consequences. Synology users are advised to update their software to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.