ZDI-23-660: (Pwn2Own) Synology DiskStation Manager Serv.php Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Synology DiskStation Manager. This vulnerability does not require authentication, but does require some user interaction.

attackers authentication authentication bypass bypass bypass vulnerability manager php pwn2own synology vulnerability zdi