Synology NAS / DiskStation Manager (DSM) Detection Consolidation VT still detects the version number incorrectly. The detection is not detecting the “micro” versions properly, and this is leading to false positives of Synology DiskStation Manager (DSM) is prone to multiple vulnerabilities.
There might be a problem with your feed sync. The mentioned VT was last updated on Dec 4 2024 (see e.g. Greenbone Enterprise Appliance) with some changes which might solve the reporting. At least via authentication the correct full version should be extracted.
From what I see, the VT Greenbone Enterprise Appliance is the only Synology NAS / DiskStation Manager Detection VT that was updated in December. This means that it is the only VT capable of correctly detecting Synology DiskStation Manager (DSM) 's version.
Yes, only the HTTP based detection and with credentials provided in “Synology NAS / DiskStation Manager Detection (HTTP)” (OID: 1.3.6.1.4.1.25623.1.0.103786) will get the full version (with patch level).
Note that there are usually two VTs for the same CVEs/advisories. One with with known affected versions (e.g. lower than the fixed major version or if the full version with patch was extracted) with a higher QoD of 80% and an unreliable one if the patch was not extracted with a low QoD of 30%.
