Important Information about "libupnp: write files via POST" (CVE-2016-6255)

Publish Time: 2016-07-18 00:00:00 UTC+8

Last Updated: 2016-07-18 12:00:00 UTC+8

Severity: Critical

Status: Resolved

Description

On July 18th, a vulnerability regarding libupnp was discovered. This vulnerability results in unauthorized file transfer from/to the system when UPnP-related services are running. Affected products and features include:

All DSM versions prior to DSM 6.0.1-2
Control Panel > External Access > Router Configuration
QuickConnect
USB Wi-Fi dongles installed for hotspots
Any other UPnP-related packages
- Audio Station
- Video Station
- Media Server
- Download Station

Severity

Critical

Mitigation

Please configure firewall settings and allow UPnP access for trusted network only.

Update Availability

Synology has released DSM 6.0.1-2 to address the issue.

References

https://github.com/mjg59/pupnp-code/commit/be0a01bdb83395d9f3a5ea09c1308a4f1a972cbd