Synology_SA_25_01 | Synology Inc.
www.synology.com
Synology Product Security Advisory

This may require a manual install, as the patching for this may not auto-run.

A vulnerability allows man-in-the-middle attackers to hijack the authentication of administrators.

The vulnerability reported by PWN2OWN 2024 (ZDI-CAN-25487) has been addressed.