Synology releases urgent DSM security update for DiskStation and RackStation NAS devices
Security vulnerabilities identified and remediated in latest operating system update
Synology has announced the discovery of security issues in the DiskStation Manager operating system which runs its RackStation and DiskStation NAS devices. The security issues render affected versions of the operating system vulnerable to attacks that allow an unauthorised user to run commands with root privileges and to read, write and delete files on the NAS.
All Synology users are strongly advised to access their NAS, open the Control Panel, go to the DSM Update page and update to the latest version of the operating system.
Symptoms of a compromised NAS include the following:
Appearance of non-Synology folder: An automatically created shared folder with the name “startup”, or a non-Synology folder appearing under the path “/root/PWNED”
Redirection of the Web Station: “Index.php” is redirected to an unexpected page
Appearance of non-Synology CGI program: Files with meaningless names exist under the path “/usr/syno/synoman”
Appearance of non-Synology script file: Non-Synology script files, such as “S99p.sh”, appear under the path “/usr/syno/etc/rc.d”
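The file-system symptoms above can be checked from a shell on the NAS, or against a mounted copy of its disk. The script below is an added example, not a Synology tool: the names check_dsm_iocs, ROOT and DSM_IOC_HITS are hypothetical, and it assumes shared folders sit at the top level of a /volumeN directory. It does not test the Web Station redirect.

```shell
#!/bin/sh
# Added example, not a Synology tool: look for the indicators named in the advisory.
# check_dsm_iocs, its ROOT argument and DSM_IOC_HITS are hypothetical names.

check_dsm_iocs() {
    root="${1:-/}"
    root="${root%/}"            # "/" becomes "", so the paths below stay absolute
    DSM_IOC_HITS=0

    # Indicator: non-Synology folder /root/PWNED
    if [ -e "$root/root/PWNED" ]; then
        echo "HIT: $root/root/PWNED exists"
        DSM_IOC_HITS=$((DSM_IOC_HITS + 1))
    fi

    # Indicator: automatically created shared folder named "startup".
    # Assumption: shared folders live directly under /volumeN.
    for d in "$root"/volume*/startup; do
        if [ -d "$d" ]; then
            echo "HIT: shared folder $d"
            DSM_IOC_HITS=$((DSM_IOC_HITS + 1))
        fi
    done

    # Indicator: the script file the advisory names under /usr/syno/etc/rc.d
    if [ -e "$root/usr/syno/etc/rc.d/S99p.sh" ]; then
        echo "HIT: $root/usr/syno/etc/rc.d/S99p.sh exists"
        DSM_IOC_HITS=$((DSM_IOC_HITS + 1))
    fi

    # "Meaningless" CGI names and other non-Synology scripts cannot be decided
    # mechanically, so list both directories for manual review.
    for f in "$root"/usr/syno/etc/rc.d/* "$root"/usr/syno/synoman/*; do
        if [ -f "$f" ]; then echo "REVIEW: $f"; fi
    done

    echo "Confirmed indicators: $DSM_IOC_HITS"
    return 0
}

# Run only when a root is given, e.g.:  sh check.sh /   or   sh check.sh /mnt/nas
if [ "$#" -gt 0 ]; then
    check_dsm_iocs "$1"
fi
```

A result of zero confirmed indicators does not clear the device; the REVIEW lines still need to be compared against a known-good DSM installation of the same version.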
If you identify any of the above issues, Synology advises that you download the latest version of the DSM from the Synology Download Center and install it on your NAS by running the Synology Assistant application for Windows, Mac OS X or Linux.
Devices running DSM 4.0 should be updated to DSM 4.0-2259 or later.
Devices running DSM 4.1 or 4.2 should be upgraded to DSM 4.2-3243 or later.
Devices running DSM 4.3 should be updated to DSM 4.3-3827.