CVE-2016-6554

Summary

Synology NAS servers DS107, firmware version 3.1-1639 and prior, and DS116, DS213, firmware versions prior to 5.2-5644-1, use non-random default credentials of: guest:(blank) and admin:(blank) . A remote network attacker can gain privileged access to a vulnerable device.

Affected Software

VendorProductVersion RangeStatus
SynologyNAS server DS1073.1-1639 <= 3.1-1639affected
SynologyNAS server DS1165.2-5644-1 < 5.2-5644-1affected
SynologyNAS server DS2135.2-5644-1 < 5.2-5644-1affected

Weaknesses

  • CWE-255: CWE-255

ADP Enrichment

CVE Program Container

Additional References

References