moften

Synology Video Station command injection and multiple SQL in

Oct 15th, 2015
------------------------------------------------------------------------
Synology Video Station command injection and multiple SQL injection
vulnerabilities
------------------------------------------------------------------------
Han Sahin, September 2015

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
It was discovered that Synology Video Station is vulnerable to command
injection that allows an attacker to execute arbitrary system commands
with root privileges. In addition, Video Station is affected by multiple
SQL injection vulnerabilities that allow for execution of arbitrary SQL
statements with DBA privileges. As a result, it is possible to compromise
the PostgreSQL database server.

------------------------------------------------------------------------
Affected versions
------------------------------------------------------------------------
These issues affect Synology Video Station versions up to and including
version 1.5-0757.

------------------------------------------------------------------------
Fix
------------------------------------------------------------------------
Synology has reported that these issues have been resolved in:

- Video Station version 1.5-0757 [audiotrack.cgi]
- Video Station version 1.5-0763 [watchstatus.cgi]
- Video Station version 1.5-0763 [subtitle.cgi]

------------------------------------------------------------------------
Details
------------------------------------------------------------------------
https://www.securify.nl/advisory/SFY20150810/synology_video_station_command_injection_and_multiple_sql_injection_vulnerabilities.html