CVE-2024-0854

MEDIUM Year: 2024
CVSS v3 Score
5.4
Medium
Weakness Type
CWE-601
View all →

Vulnerability Description

URL redirection to untrusted site ('Open Redirect') vulnerability in file access component in Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.0.1-42218-7, 7.1.1-42962-7 and 7.2.1-69057-2 allows remote authenticated users to conduct phishing attacks via unspecified vectors.

Related Vulnerabilities

CVE-2016-0228

MEDIUM
CVSS:5.4(Medium)

IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts. An attacker could exploit this vulnerability to redi...

CWE-6012016

CVE-2016-0329

MEDIUM
CVSS:5.4(Medium)

Open redirect vulnerability in IBM Emptoris Sourcing 10.0.0.x before 10.0.0.1_iFix3, 10.0.1.x before 10.0.1.3_iFix3, 10.0.2.x before 10.0.2.8_iFix1, 10.0.4.0 before 10.0.4.0_iFix8, and 10.1.0.0 before...

CWE-6012016

CVE-2016-4604

MEDIUM
CVSS:5.4(Medium)

Safari in Apple iOS before 9.3.3 allows remote attackers to spoof the displayed URL via an HTTP response specifying redirection to an invalid TCP port number.

CWE-6012016

CVE-2016-8949

MEDIUM
CVSS:5.4(Medium)

IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-craft...

CWE-6012016

CVE-2016-8953

MEDIUM
CVSS:5.4(Medium)

IBM Emptoris Sourcing 9.5.x through 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a rem...

CWE-6012016

CVE-2017-1159

MEDIUM
CVSS:5.4(Medium)

IBM Business Process Manager 8.0 and 8.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remot...

CWE-6012017