Vulnerability CVE-2022-27613


Published: 2022-07-28

Description:
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in webapi component in Synology CardDAV Server before 6.0.10-0153 allows remote authenticated users to inject SQL commands via unspecified vectors.

Type:

CWE-89

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

 References:
https://www.synology.com/security/advisory/Synology_SA_21_06

Copyright 2026, cxsecurity.com

 

Back to Top