Updated:07:28 PM CEST Jun,06

NEWS / RSS
CHEATS

REVIEWS

ARTICLES

HARDWARE

DEMOS

FORUMS

LINKS (new)

66 lottery login

91 club

okwin

bdg game

55 club

CONTACT

Please e-mail us if you have news.

Critical Synology DSM Flaw Lets Hackers Run Commands Remotely - No Login Needed - tech

(hx) 12:09 AM CET - Mar,27 2026

A critical buffer overflow vulnerability (CVE-2026-32746, CVSS 9.8) in Synology DiskStation Manager's telnetd daemon allows unauthenticated remote attackers to execute arbitrary commands on affected NAS devices.

The flaw, stemming from improper buffer handling in the GNU Inetutils package, impacts DSM versions up to 7.3 and could enable ransomware deployment, data theft, or backdoors.

Synology has released patches for DSM 7.2.1, 7.2.2, and 7.3; a fix for DSMUC 3.1 is in development.

Administrators should update immediately or disable the Telnet service as a temporary mitigation, since Telnet is plaintext and insecure.

last 10 comments:

All comments

Add your comment (free registration required)