GCVE - cpe:2.3:o:synology:beestation_os:1.1:-:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:synology:beestation_os:1.1:-:*:*:*:*:*:*

part: o version: 1.1 update: -

Vendor	Synology (`65464e9b-7339-559d-9719-837f074e0220`)
Product	Beestation Os (`f34e45aa-7ce0-57d5-8a72-96cb2298780e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-50629`	vulnerable	2026-06-03 14:57:25.284195	Details available MEDIUM (5.3) Improper encoding or escaping of output vulnerability in the webapi component in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allow remote attackers to read limited files via unspecified vectors. Published: 2025-03-19T05:49:56.438Z Updated: 2025-03-28T01:10:51.638Z Open on db.gcve.eu Reference links https://www.synology.com/en-global/security/advisory/Synology_SA_24_20 https://www.synology.com/en-global/security/advisory/Synology_SA_24_23	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-10445`	vulnerable	2026-06-03 14:54:11.741663	Details available MEDIUM (4.3) Improper certificate validation vulnerability in the update functionality in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.1.1-42962-7, 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allow remote attackers to write limited files via unspecified vectors. Published: 2025-03-19T02:10:57.215Z Updated: 2025-03-28T01:14:46.531Z Open on db.gcve.eu Reference links https://www.synology.com/en-global/security/advisory/Synology_SA_24_20 https://www.synology.com/en-global/security/advisory/Synology_SA_24_23	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-10441`	vulnerable	2026-06-03 14:54:11.718476	Details available CRITICAL (9.8) Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.2-64570-4, 7.2.1-69057-6 and 7.2.2-72806-1 allows remote attackers to execute arbitrary code via unspecified vectors. Published: 2025-03-19T02:09:56.387Z Updated: 2025-03-28T01:06:48.075Z Open on db.gcve.eu Reference links https://www.synology.com/en-global/security/advisory/Synology_SA_24_20 https://www.synology.com/en-global/security/advisory/Synology_SA_24_23	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.