Synology DSM 5.0 ShellShock “safe by default”
So I was on twitter looking at some security stuff I follow and came across someone quoting Synology as saying that DSM 5.0 is “safe by default”. Here is a link to the Synology document. And here is the quote: The design of Synology NAS operating system, DiskStation Manager (DSM), is safe by default. The bash command shell built-in in DSM is reserved for system service use (HA Manager) only and not available to public...
Synology DSM 5.0 Update 7 fix for ShellShock vulnerability
Synology released their fix to the recent ShellShock bash vulnerability with release 5.0-4493 Update 7. So, you should consider updating your device when possible. Interestingly enough, a DS214+ does not have the release available (yet?) but a DS1513+ does: So, that’s peculiar – maybe DS214+ does not support bash shell? Hm.