How severe is CVE-2016-6554?

CVE-2016-6554 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2016-6554

9.8CRITICAL

Synology NAS servers DS107, firmware version 3.1-1639 and prior, and DS116, DS213, firmware versions prior to 5.2-5644-1, use non-random default credentials of: guest:(blank) and admin:(blank) . A rem

Published: 7/13/2018Updated: 11/21/2024

Description

Synology NAS servers DS107, firmware version 3.1-1639 and prior, and DS116, DS213, firmware versions prior to 5.2-5644-1, use non-random default credentials of: guest:(blank) and admin:(blank) . A remote network attacker can gain privileged access to a vulnerable device.

AI AnalysisPowered by AI

Affected Products

synologyds107_firmware

synologyds107

synologyds213_firmware

synologyds213

synologyds116_firmware

synologyds116

References

https://www.kb.cert.org/vuls/id/404187
Third Party AdvisoryUS Government Resource
https://www.securityfocus.com/bid/93805
Third Party AdvisoryVDB Entry
https://www.synology.com/en-global/releaseNote/DS213
Release NotesVendor Advisory
https://www.kb.cert.org/vuls/id/404187
Third Party AdvisoryUS Government Resource
https://www.securityfocus.com/bid/93805
Third Party AdvisoryVDB Entry
https://www.synology.com/en-global/releaseNote/DS213
Release NotesVendor Advisory