Critical Synology DiskStation Manager Bug Lets Attackers Run Commands

Jennifer sherman
March 26, 2026

Key Takeaways

  • A critical vulnerability (CVE-2026-32746) has been identified in Synology DiskStation Manager (DSM) and DSMUC, impacting network-attached storage (NAS) systems.
  • The flaw, a buffer overflow in the telnetd daemon, carries a CVSSv3 score of 9.8 and allows unauthenticated remote attackers to execute arbitrary commands.
  • This poses a severe risk to organizations, as NAS devices often contain sensitive data and backups, making them prime targets for ransomware and data exfiltration.
  • Patches are available for most affected DSM versions, and Synology advises immediate updates or disabling the Telnet service as a temporary mitigation.

Critical Flaw in Synology DSM Exposes NAS Devices to Remote Command Execution

A severe security vulnerability in Synology’s DiskStation Manager (DSM) and DSMUC could allow unauthorized attackers to execute arbitrary commands on network-attached storage (NAS) devices. The flaw carries a critical CVSSv3 base score of 9.8, prompting an urgent call for administrators to apply patches.

Given the pervasive deployment of Synology NAS systems for critical enterprise data management and backup operations, this vulnerability presents a significant risk. Organizations are strongly advised to implement available security updates without delay.

Technical Details of CVE-2026-32746

The vulnerability, tracked as CVE-2026-32746, stems from a buffer overflow (CWE-120) within the telnetd daemon, part of the GNU Inetutils package, specifically affecting versions up to 2.7. This critical defect arises from improper handling of inputs by the LINEMODE SLC (Set Local Characters) suboption handler during active network sessions.

The core problem lies in the add_slc function, which fails to validate whether its buffer is already at capacity. This oversight leads to an out-of-bounds write, a memory corruption error that can be exploited by threat actors. By leveraging this flaw, an attacker can bypass authentication mechanisms entirely and execute malicious commands directly on the host system, gaining full control over the affected NAS device.
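
The missing capacity check described above, as an added illustration (it is not the GNU Inetutils source and not code from the original article): a simplified reply buffer for SLC triplets, with an unchecked append beside a bounds-checked one. The struct, the function names and the 32-byte capacity are assumptions made for this example; the doubling of 0xFF follows the Telnet rule that an IAC data byte inside a suboption is sent twice, so one triplet can need up to six bytes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IAC 0xFF           /* Telnet "Interpret As Command" byte */
#define SLC_REPLY_CAP 32   /* constructed capacity, chosen for this example */

/* Hypothetical reply buffer holding SLC triplets (function, flags, value). */
struct slc_reply { uint8_t buf[SLC_REPLY_CAP]; size_t len; };

/* Encoded size of one octet: a data byte equal to IAC is sent twice. */
static size_t wire_len(uint8_t b) { return b == IAC ? 2 : 1; }

static void put(struct slc_reply *r, uint8_t b) {
    r->buf[r->len++] = b;
    if (b == IAC) r->buf[r->len++] = IAC;
}

/* Unchecked append: the bug class. Nothing asks whether the buffer is full,
 * so once len reaches the capacity the next call writes past buf. */
void slc_add_unchecked(struct slc_reply *r, uint8_t f, uint8_t fl, uint8_t v) {
    put(r, f); put(r, fl); put(r, v);
}

/* Checked append: size the triplet first (3 to 6 bytes) and refuse it when
 * it does not fit. Returns 0 on success, -1 when the triplet is dropped. */
int slc_add_checked(struct slc_reply *r, uint8_t f, uint8_t fl, uint8_t v) {
    size_t need = wire_len(f) + wire_len(fl) + wire_len(v);
    if (need > sizeof r->buf - r->len) return -1;
    put(r, f); put(r, fl); put(r, v);
    return 0;
}

/* Append the same triplet n times; returns how many were accepted. */
size_t slc_fill(struct slc_reply *r, size_t n, uint8_t f, uint8_t fl, uint8_t v) {
    size_t ok = 0;
    for (size_t i = 0; i < n; i++)
        if (slc_add_checked(r, f, fl, v) == 0) ok++;
    return ok;
}

int main(void) {
    struct slc_reply plain = {{0}, 0}, escaped = {{0}, 0};
    size_t a = slc_fill(&plain, 100, 1, 2, 3);          /* 3 bytes each */
    size_t b = slc_fill(&escaped, 100, IAC, IAC, IAC);  /* 6 bytes each */
    printf("accepted %zu plain, %zu escaped triplets\n", a, b);
    return 0;
}
```

The check subtracts the current length from the capacity rather than adding the needed size to the length, so the comparison cannot wrap around.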

High-Value Target for Cybercriminals

NAS devices are consistently high-value targets for various cybercriminal groups, including ransomware operators and data extortionists. These systems frequently house sensitive corporate data, intellectual property, and critical backup repositories, making any remote command-execution vulnerability a severe organizational threat.

A successful unauthenticated compromise could enable threat actors to deploy ransomware payloads, exfiltrate confidential files, or establish persistent backdoors within an organization’s internal network, potentially before any intrusion detection systems register an alert.

Affected Products and Patches

Synology has confirmed that multiple versions of DSM and DSMUC are critically impacted by this vulnerability. The vendor has released firmware upgrades to address the flaw across most affected operating systems.

  • Administrators running DSM 7.3 must upgrade to version 7.3.2-86009-3 or newer.
  • Those utilizing DSM 7.2.2 need to update to version 7.2.2-72806-8 or later.
  • Systems on DSM 7.2.1 require an upgrade to 7.2.1-69057-11 or above.
  • For DSMUC 3.1, a critical security patch is currently under active development.

Notably, other enterprise products such as BeeStation OS 1.4, SRM 1.3, and VS600HD 1.2 are not affected by this specific GNU Inetutils vulnerability.

What You Should Do

  • Apply Patches Immediately: For all affected DSM versions where patches are available, update your Synology NAS devices to the latest firmware as soon as possible.
  • Disable Telnet Service: If you are managing systems with a pending patch, such as DSMUC 3.1, or if immediate patching is not feasible, Synology strongly recommends disabling the Telnet service. This action neutralizes the risk of remote exploitation as the vulnerability specifically requires access to the Telnet protocol.
  • Follow Best Practices: To disable Telnet, navigate to the Control Panel, access Terminal settings, uncheck the “Enable Telnet service” option, and click Apply. Disabling Telnet also aligns with modern cybersecurity best practices, as Telnet transmits data in plaintext and is considered an outdated, insecure protocol.
  • Monitor Synology Advisories: Stay informed by regularly checking Synology’s official security advisories for updates on patches and recommended mitigations.
