All the vulnerabilites related to Synology - Synology Router Manager (SRM)
cve-2023-32955
Vulnerability from cvelistv5
Published
2023-05-16 07:15
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in DHCP Client Functionality in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows man-in-the-middle attackers to execute arbitrary commands via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/en-global/security/advisory/Synology_SA_22_25 | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Synology_SA_22_25",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_22_25"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.2.5-8227-6",
"status": "affected",
"version": "1.2",
"versionType": "semver"
},
{
"lessThan": "1.3.1-9346-3",
"status": "affected",
"version": "1.3",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gaurav Baruah (@_gauravb_)"
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027) vulnerability in DHCP Client Functionality in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows man-in-the-middle attackers to execute arbitrary commands via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-16T07:15:16.105Z",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"name": "Synology_SA_22_25",
"tags": [
"vendor-advisory"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_22_25"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2023-32955",
"datePublished": "2023-05-16T07:15:16.105Z",
"dateReserved": "2023-05-16T06:53:43.164Z",
"dateUpdated": "2024-08-02T15:32:46.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-13292
Vulnerability from cvelistv5
Published
2019-04-01 14:28
Modified
2024-09-16 18:48
Severity ?
EPSS score ?
Summary
Information exposure vulnerability in /usr/syno/etc/mount.conf in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote authenticated users to obtain sensitive information via the world readable configuration.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/security/advisory/Synology_SA_18_48 | x_refsource_CONFIRM |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:00:34.334Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_18_48"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.1.7-6941-2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Information exposure vulnerability in /usr/syno/etc/mount.conf in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote authenticated users to obtain sensitive information via the world readable configuration."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Exposure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-01T14:28:24",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_18_48"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2019-03-31T00:00:00",
"ID": "CVE-2018-13292",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synology Router Manager (SRM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "1.1.7-6941-2"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Information exposure vulnerability in /usr/syno/etc/mount.conf in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote authenticated users to obtain sensitive information via the world readable configuration."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Exposure (CWE-200)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_18_48",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_18_48"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2018-13292",
"datePublished": "2019-04-01T14:28:24.699997Z",
"dateReserved": "2018-07-05T00:00:00",
"dateUpdated": "2024-09-16T18:48:51.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-27657
Vulnerability from cvelistv5
Published
2020-10-29 08:55
Modified
2024-09-16 23:55
Severity ?
EPSS score ?
Summary
Cleartext transmission of sensitive information vulnerability in DDNS in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/security/advisory/Synology_SA_20_14 | x_refsource_CONFIRM | |
| https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1071 | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:18:45.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1071"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.2.4-8081",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-10-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cleartext transmission of sensitive information vulnerability in DDNS in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319: Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-30T00:06:24",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1071"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2020-10-29T00:00:00",
"ID": "CVE-2020-27657",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synology Router Manager (SRM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "1.2.4-8081"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cleartext transmission of sensitive information vulnerability in DDNS in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors."
}
]
},
"impact": {
"cvss": {
"baseScore": "6.5",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-319: Cleartext Transmission of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_20_14",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1071",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1071"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2020-27657",
"datePublished": "2020-10-29T08:55:22.868313Z",
"dateReserved": "2020-10-22T00:00:00",
"dateUpdated": "2024-09-16T23:55:31.913Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-27649
Vulnerability from cvelistv5
Published
2020-10-29 08:55
Modified
2024-09-16 17:18
Severity ?
EPSS score ?
Summary
Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/security/advisory/Synology_SA_20_14 | x_refsource_CONFIRM | |
| https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1058 | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:18:45.541Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1058"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.2.4-8081",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-10-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295: Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-29T20:06:17",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1058"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2020-10-29T00:00:00",
"ID": "CVE-2020-27649",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synology Router Manager (SRM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "1.2.4-8081"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"impact": {
"cvss": {
"baseScore": "8.3",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295: Improper Certificate Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_20_14",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1058",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1058"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2020-27649",
"datePublished": "2020-10-29T08:55:20.493003Z",
"dateReserved": "2020-10-22T00:00:00",
"dateUpdated": "2024-09-16T17:18:38.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32956
Vulnerability from cvelistv5
Published
2023-05-16 07:16
Modified
2024-08-02 15:32
Severity ?
EPSS score ?
Summary
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to execute arbitrary code via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/en-global/security/advisory/Synology_SA_22_25 | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:32:46.508Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Synology_SA_22_25",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_22_25"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.3.1-9346-3",
"status": "affected",
"version": "1.3",
"versionType": "semver"
},
{
"lessThan": "1.2.5-8227-6",
"status": "affected",
"version": "1.2",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rico Tubbing and Jurian van Dalfsen (Computest)"
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027) vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to execute arbitrary code via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-16T07:16:09.640Z",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"name": "Synology_SA_22_25",
"tags": [
"vendor-advisory"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_22_25"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2023-32956",
"datePublished": "2023-05-16T07:16:09.640Z",
"dateReserved": "2023-05-16T06:53:43.164Z",
"dateUpdated": "2024-08-02T15:32:46.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-13290
Vulnerability from cvelistv5
Published
2019-04-01 14:28
Modified
2024-09-17 02:01
Severity ?
EPSS score ?
Summary
Information exposure vulnerability in SYNO.Core.ACL in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote authenticated users to determine the existence of files or obtain sensitive information of files via the file_path parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/security/advisory/Synology_SA_18_48 | x_refsource_CONFIRM |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:00:34.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_18_48"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.1.7-6941-2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Information exposure vulnerability in SYNO.Core.ACL in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote authenticated users to determine the existence of files or obtain sensitive information of files via the file_path parameter."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Exposure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-01T14:28:24",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_18_48"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2019-03-31T00:00:00",
"ID": "CVE-2018-13290",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synology Router Manager (SRM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "1.1.7-6941-2"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Information exposure vulnerability in SYNO.Core.ACL in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote authenticated users to determine the existence of files or obtain sensitive information of files via the file_path parameter."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Exposure (CWE-200)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_18_48",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_18_48"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2018-13290",
"datePublished": "2019-04-01T14:28:24.662428Z",
"dateReserved": "2018-07-05T00:00:00",
"dateUpdated": "2024-09-17T02:01:20.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-41738
Vulnerability from cvelistv5
Published
2023-08-31 09:08
Modified
2024-10-01 17:59
Severity ?
EPSS score ?
Summary
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in Directory Domain Functionality in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote authenticated users to execute arbitrary commands via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/en-global/security/advisory/Synology_SA_23_10 | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:35.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Synology-SA-23:10 SRM",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_10"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41738",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-01T17:57:46.007026Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T17:59:05.824Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.3.1-9346-6",
"status": "affected",
"version": "1.3",
"versionType": "semver"
},
{
"lessThan": "1.3",
"status": "unknown",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Claroty Research - Vera Mens, Uri Katz, Noam Moshe, Sharon Brizinov"
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper neutralization of special elements used in an OS command (\u0027OS Command Injection\u0027) vulnerability in Directory Domain Functionality in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote authenticated users to execute arbitrary commands via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-31T09:08:13.205Z",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"name": "Synology-SA-23:10 SRM",
"tags": [
"vendor-advisory"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2023-41738",
"datePublished": "2023-08-31T09:08:13.205Z",
"dateReserved": "2023-08-31T07:54:07.974Z",
"dateUpdated": "2024-10-01T17:59:05.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-41741
Vulnerability from cvelistv5
Published
2023-08-31 09:08
Modified
2024-10-01 17:55
Severity ?
EPSS score ?
Summary
Exposure of sensitive information to an unauthorized actor vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to obtain sensitive information via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/en-global/security/advisory/Synology_SA_23_10 | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:47.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Synology-SA-23:10 SRM",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_10"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41741",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-01T17:53:23.602113Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T17:55:21.795Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.3.1-9346-6",
"status": "affected",
"version": "1.3",
"versionType": "semver"
},
{
"lessThan": "1.3",
"status": "unknown",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Claroty Research - Vera Mens, Uri Katz, Noam Moshe, Sharon Brizinov"
}
],
"descriptions": [
{
"lang": "en",
"value": "Exposure of sensitive information to an unauthorized actor vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to obtain sensitive information via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-31T09:08:59.017Z",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"name": "Synology-SA-23:10 SRM",
"tags": [
"vendor-advisory"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2023-41741",
"datePublished": "2023-08-31T09:08:59.017Z",
"dateReserved": "2023-08-31T07:54:07.974Z",
"dateUpdated": "2024-10-01T17:55:21.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39348
Vulnerability from cvelistv5
Published
2024-06-28 06:30
Modified
2024-08-02 04:26
Severity ?
EPSS score ?
Summary
Download of code without integrity check vulnerability in AirPrint functionality in Synology Router Manager (SRM) before 1.2.5-8227-11 and 1.3.1-9346-8 allows man-in-the-middle attackers to execute arbitrary code via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/en-global/security/advisory/Synology_SA_23_16 | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:synology:router_manager:1.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "router_manager",
"vendor": "synology",
"versions": [
{
"lessThan": "1.3.1-9346-8",
"status": "affected",
"version": "1.3",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:synology:router_manager:1.2:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "router_manager",
"vendor": "synology",
"versions": [
{
"lessThan": "1.2.5-8227-11",
"status": "affected",
"version": "1.2",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "router_manager",
"vendor": "synology",
"versions": [
{
"lessThan": "1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39348",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-28T13:33:32.527252Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T13:39:34.938Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:14.241Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Synology-SA-23:16 SRM (PWN2OWN 2023)",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.3.1-9346-8",
"status": "affected",
"version": "1.3",
"versionType": "semver"
},
{
"lessThan": "1.2.5-8227-11",
"status": "affected",
"version": "1.2",
"versionType": "semver"
},
{
"lessThan": "1.2",
"status": "unknown",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tomer Goldschmidt and Sharon Brizinov of Claroty Research - Team82"
}
],
"descriptions": [
{
"lang": "en",
"value": "Download of code without integrity check vulnerability in AirPrint functionality in Synology Router Manager (SRM) before 1.2.5-8227-11 and 1.3.1-9346-8 allows man-in-the-middle attackers to execute arbitrary code via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-494",
"description": "CWE-494: Download of Code Without Integrity Check",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T06:30:57.973Z",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"name": "Synology-SA-23:16 SRM (PWN2OWN 2023)",
"tags": [
"vendor-advisory"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_16"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2024-39348",
"datePublished": "2024-06-28T06:30:57.973Z",
"dateReserved": "2024-06-24T10:57:17.891Z",
"dateUpdated": "2024-08-02T04:26:14.241Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-2729
Vulnerability from cvelistv5
Published
2023-06-13 07:11
Modified
2024-08-02 06:33
Severity ?
EPSS score ?
Summary
Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager (DSM) before 7.2-64561 allows remote attackers to obtain user credential via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/en-global/security/advisory/Synology_SA_23_07 | vendor-advisory | |
| https://www.synology.com/en-global/security/advisory/Synology_SA_23_08 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:33:05.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Synology-SA-23:07 DSM",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_07"
},
{
"name": "Synology-SA-23:08 SRM",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_08"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "DiskStation Manager (DSM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "7.2-64561",
"status": "affected",
"version": "7.2",
"versionType": "semver"
},
{
"lessThan": "7.1.*",
"status": "affected",
"version": "7.1",
"versionType": "semver"
},
{
"lessThan": "7.0.*",
"status": "affected",
"version": "7.0",
"versionType": "semver"
},
{
"lessThan": "6.2.*",
"status": "affected",
"version": "6.2",
"versionType": "semver"
},
{
"lessThan": "6.2",
"status": "unknown",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Unified Controller (DSMUC)",
"vendor": "Synology",
"versions": [
{
"lessThan": "3.1.*",
"status": "affected",
"version": "3.1",
"versionType": "semver"
},
{
"lessThan": "3.1",
"status": "unknown",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.3.*",
"status": "affected",
"version": "1.3",
"versionType": "semver"
},
{
"lessThan": "1.2.*",
"status": "affected",
"version": "1.2",
"versionType": "semver"
},
{
"lessThan": "1.2",
"status": "unknown",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sharon Brizinov of Claroty Research"
}
],
"descriptions": [
{
"lang": "en",
"value": "Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager (DSM) before 7.2-64561 allows remote attackers to obtain user credential via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-330: Use of Insufficiently Random Values",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T11:14:57.295Z",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"name": "Synology-SA-23:07 DSM",
"tags": [
"vendor-advisory"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_07"
},
{
"name": "Synology-SA-23:08 SRM",
"tags": [
"vendor-advisory"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_08"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2023-2729",
"datePublished": "2023-06-13T07:11:54.850Z",
"dateReserved": "2023-05-16T03:36:11.521Z",
"dateUpdated": "2024-08-02T06:33:05.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15895
Vulnerability from cvelistv5
Published
2017-12-08 16:00
Modified
2024-09-16 17:39
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology Router Manager (SRM) before 1.1.5-6542-4 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/en-global/support/security/Synology_SA_17_71_SRM | x_refsource_CONFIRM |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:04:50.442Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/en-global/support/security/Synology_SA_17_71_SRM"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"status": "affected",
"version": "before 1.1.5-6542-4"
}
]
}
],
"datePublic": "2017-11-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology Router Manager (SRM) before 1.1.5-6542-4 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Improper Limitation of a Pathname to a Restricted Directory (CWE-22)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-08T15:57:01",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/en-global/support/security/Synology_SA_17_71_SRM"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2017-11-15T00:00:00",
"ID": "CVE-2017-15895",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synology Router Manager (SRM)",
"version": {
"version_data": [
{
"version_value": "before 1.1.5-6542-4"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology Router Manager (SRM) before 1.1.5-6542-4 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Limitation of a Pathname to a Restricted Directory (CWE-22)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/en-global/support/security/Synology_SA_17_71_SRM",
"refsource": "CONFIRM",
"url": "https://www.synology.com/en-global/support/security/Synology_SA_17_71_SRM"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2017-15895",
"datePublished": "2017-12-08T16:00:00Z",
"dateReserved": "2017-10-25T00:00:00",
"dateUpdated": "2024-09-16T17:39:14.692Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-11823
Vulnerability from cvelistv5
Published
2020-05-04 10:00
Modified
2024-09-16 19:35
Severity ?
EPSS score ?
Summary
CRLF injection vulnerability in Network Center in Synology Router Manager (SRM) before 1.2.3-8017-2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/security/advisory/Synology_SA_20_11 | x_refsource_CONFIRM | |
| https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1051 | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:03:32.740Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_11"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1051"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.2.3-8017-2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in Network Center in Synology Router Manager (SRM) before 1.2.3-8017-2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-12T12:50:49",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_11"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1051"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2020-05-04T00:00:00",
"ID": "CVE-2019-11823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synology Router Manager (SRM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "1.2.3-8017-2"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CRLF injection vulnerability in Network Center in Synology Router Manager (SRM) before 1.2.3-8017-2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_20_11",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_11"
},
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1051",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1051"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2019-11823",
"datePublished": "2020-05-04T10:00:18.576975Z",
"dateReserved": "2019-05-08T00:00:00",
"dateUpdated": "2024-09-16T19:35:18.333Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-43932
Vulnerability from cvelistv5
Published
2023-01-05 09:02
Modified
2024-08-03 13:40
Severity ?
EPSS score ?
Summary
Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to read arbitrary files via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/en-global/security/advisory/Synology_SA_22_25 | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:40:06.866Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Synology_SA_22_25",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_22_25"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.2.5-8227-6",
"status": "affected",
"version": "1.2",
"versionType": "semver"
},
{
"lessThan": "1.3.1-9346-3",
"status": "affected",
"version": "1.3",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper neutralization of special elements in output used by a downstream component (\u0027Injection\u0027) vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to read arbitrary files via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-05T09:02:28.484Z",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"name": "Synology_SA_22_25",
"tags": [
"vendor-advisory"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_22_25"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2022-43932",
"datePublished": "2023-01-05T09:02:28.484Z",
"dateReserved": "2022-10-26T17:55:30.258Z",
"dateUpdated": "2024-08-03T13:40:06.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-27653
Vulnerability from cvelistv5
Published
2020-10-29 08:55
Modified
2024-09-16 19:04
Severity ?
EPSS score ?
Summary
Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/security/advisory/Synology_SA_20_14 | x_refsource_CONFIRM | |
| https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1061 | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:18:45.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1061"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.2.4-8081",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-10-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-12T12:50:50",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1061"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2020-10-29T00:00:00",
"ID": "CVE-2020-27653",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synology Router Manager (SRM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "1.2.4-8081"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors."
}
]
},
"impact": {
"cvss": {
"baseScore": "8.3",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_20_14",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1061",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1061"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2020-27653",
"datePublished": "2020-10-29T08:55:21.316433Z",
"dateReserved": "2020-10-22T00:00:00",
"dateUpdated": "2024-09-16T19:04:23.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-41739
Vulnerability from cvelistv5
Published
2023-08-31 09:08
Modified
2024-09-27 18:55
Severity ?
EPSS score ?
Summary
Uncontrolled resource consumption vulnerability in File Functionality in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote authenticated users to conduct denial-of-service attacks via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/en-global/security/advisory/Synology_SA_23_10 | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:47.896Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Synology-SA-23:10 SRM",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_10"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41739",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T18:19:46.425660Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T18:55:50.050Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.3.1-9346-6",
"status": "affected",
"version": "1.3",
"versionType": "semver"
},
{
"lessThan": "1.3",
"status": "unknown",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Claroty Research - Vera Mens, Uri Katz, Noam Moshe, Sharon Brizinov"
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled resource consumption vulnerability in File Functionality in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote authenticated users to conduct denial-of-service attacks via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-31T09:08:47.191Z",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"name": "Synology-SA-23:10 SRM",
"tags": [
"vendor-advisory"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2023-41739",
"datePublished": "2023-08-31T09:08:47.191Z",
"dateReserved": "2023-08-31T07:54:07.974Z",
"dateUpdated": "2024-09-27T18:55:50.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-27658
Vulnerability from cvelistv5
Published
2020-10-29 08:55
Modified
2024-09-17 03:23
Severity ?
EPSS score ?
Summary
Synology Router Manager (SRM) before 1.2.4-8081 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/security/advisory/Synology_SA_20_14 | x_refsource_CONFIRM | |
| https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1086 | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:18:45.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1086"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.2.4-8081",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-10-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Synology Router Manager (SRM) before 1.2.4-8081 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1004",
"description": "CWE-1004: Sensitive Cookie Without \u0027HttpOnly\u0027 Flag",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-29T21:06:12",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1086"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2020-10-29T00:00:00",
"ID": "CVE-2020-27658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synology Router Manager (SRM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "1.2.4-8081"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Synology Router Manager (SRM) before 1.2.4-8081 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie."
}
]
},
"impact": {
"cvss": {
"baseScore": "7.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1004: Sensitive Cookie Without \u0027HttpOnly\u0027 Flag"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_20_14",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1086",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1086"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2020-27658",
"datePublished": "2020-10-29T08:55:23.280975Z",
"dateReserved": "2020-10-22T00:00:00",
"dateUpdated": "2024-09-17T03:23:52.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-13285
Vulnerability from cvelistv5
Published
2019-04-01 14:26
Modified
2024-09-17 01:46
Severity ?
EPSS score ?
Summary
Command injection vulnerability in ftpd in Synology Router Manager (SRM) before 1.1.7-6941-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/security/advisory/Synology_SA_18_34 | x_refsource_CONFIRM |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:00:34.015Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_18_34"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.1.7-6941-1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Command injection vulnerability in ftpd in Synology Router Manager (SRM) before 1.1.7-6941-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper Neutralization of Special Elements used in an OS Command (CWE-78)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-01T14:26:58",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_18_34"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2019-03-31T00:00:00",
"ID": "CVE-2018-13285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synology Router Manager (SRM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "1.1.7-6941-1"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Command injection vulnerability in ftpd in Synology Router Manager (SRM) before 1.1.7-6941-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Special Elements used in an OS Command (CWE-78)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_18_34",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_18_34"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2018-13285",
"datePublished": "2019-04-01T14:26:58.107465Z",
"dateReserved": "2018-07-05T00:00:00",
"dateUpdated": "2024-09-17T01:46:19.313Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-27651
Vulnerability from cvelistv5
Published
2020-10-29 08:55
Modified
2024-09-16 16:53
Severity ?
EPSS score ?
Summary
Synology Router Manager (SRM) before 1.2.4-8081 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/security/advisory/Synology_SA_20_14 | x_refsource_CONFIRM | |
| https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1059 | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:18:45.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1059"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.2.4-8081",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-10-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Synology Router Manager (SRM) before 1.2.4-8081 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-614",
"description": "CWE-614: Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-29T20:06:17",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1059"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2020-10-29T00:00:00",
"ID": "CVE-2020-27651",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synology Router Manager (SRM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "1.2.4-8081"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Synology Router Manager (SRM) before 1.2.4-8081 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session."
}
]
},
"impact": {
"cvss": {
"baseScore": "5.8",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-614: Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_20_14",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1059",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1059"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2020-27651",
"datePublished": "2020-10-29T08:55:20.903504Z",
"dateReserved": "2020-10-22T00:00:00",
"dateUpdated": "2024-09-16T16:53:56.749Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-27654
Vulnerability from cvelistv5
Published
2020-10-29 08:55
Modified
2024-09-17 04:00
Severity ?
EPSS score ?
Summary
Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/security/advisory/Synology_SA_20_14 | x_refsource_CONFIRM | |
| https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1065 | x_refsource_MISC | |
| https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1064 | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:18:45.541Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1065"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1064"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.2.4-8081",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-10-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-12T12:50:50",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1065"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1064"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2020-10-29T00:00:00",
"ID": "CVE-2020-27654",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synology Router Manager (SRM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "1.2.4-8081"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp."
}
]
},
"impact": {
"cvss": {
"baseScore": "9.8",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_20_14",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1065",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1065"
},
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1064",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1064"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2020-27654",
"datePublished": "2020-10-29T08:55:21.725529Z",
"dateReserved": "2020-10-22T00:00:00",
"dateUpdated": "2024-09-17T04:00:00.849Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-13289
Vulnerability from cvelistv5
Published
2019-04-01 14:28
Modified
2024-09-16 23:01
Severity ?
EPSS score ?
Summary
Information exposure vulnerability in SYNO.FolderSharing.List in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote attackers to obtain sensitive information via the (1) folder_path or (2) real_path parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/security/advisory/Synology_SA_18_48 | x_refsource_CONFIRM |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:00:34.485Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_18_48"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.1.7-6941-2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Information exposure vulnerability in SYNO.FolderSharing.List in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote attackers to obtain sensitive information via the (1) folder_path or (2) real_path parameter."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Information Exposure (CWE-200)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-01T14:28:24",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_18_48"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2019-03-31T00:00:00",
"ID": "CVE-2018-13289",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synology Router Manager (SRM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "1.1.7-6941-2"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Information exposure vulnerability in SYNO.FolderSharing.List in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote attackers to obtain sensitive information via the (1) folder_path or (2) real_path parameter."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Exposure (CWE-200)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_18_48",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_18_48"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2018-13289",
"datePublished": "2019-04-01T14:28:24.612444Z",
"dateReserved": "2018-07-05T00:00:00",
"dateUpdated": "2024-09-16T23:01:29.488Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-27655
Vulnerability from cvelistv5
Published
2020-10-29 08:55
Modified
2024-09-17 00:25
Severity ?
EPSS score ?
Summary
Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to access restricted resources via inbound QuickConnect traffic.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/security/advisory/Synology_SA_20_14 | x_refsource_CONFIRM | |
| https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1066 | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:18:45.529Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1066"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.2.4-8081",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-10-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to access restricted resources via inbound QuickConnect traffic."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-12T12:50:50",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1066"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2020-10-29T00:00:00",
"ID": "CVE-2020-27655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synology Router Manager (SRM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "1.2.4-8081"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to access restricted resources via inbound QuickConnect traffic."
}
]
},
"impact": {
"cvss": {
"baseScore": "6.5",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_20_14",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_20_14"
},
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1066",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1066"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2020-27655",
"datePublished": "2020-10-29T08:55:22.192913Z",
"dateReserved": "2020-10-22T00:00:00",
"dateUpdated": "2024-09-17T00:25:27.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-0077
Vulnerability from cvelistv5
Published
2023-01-05 09:07
Modified
2024-08-02 04:54
Severity ?
EPSS score ?
Summary
Integer overflow or wraparound vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to overflow buffers via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/en-global/security/advisory/Synology_SA_22_25 | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:54:32.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Synology_SA_22_25",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_22_25"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.2.5-8227-6",
"status": "affected",
"version": "1.2",
"versionType": "semver"
},
{
"lessThan": "1.3.1-9346-3",
"status": "affected",
"version": "1.3",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow or wraparound vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to overflow buffers via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-190: Integer Overflow or Wraparound",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-05T09:07:22.013Z",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"name": "Synology_SA_22_25",
"tags": [
"vendor-advisory"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_22_25"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2023-0077",
"datePublished": "2023-01-05T09:07:22.013Z",
"dateReserved": "2023-01-05T07:29:59.166Z",
"dateUpdated": "2024-08-02T04:54:32.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-8918
Vulnerability from cvelistv5
Published
2018-12-24 15:00
Modified
2024-09-17 03:12
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in info.cgi in Synology Router Manager (SRM) before 1.1.7-6941 allows remote attackers to inject arbitrary web script or HTML via the host parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/security/advisory/Synology_SA_18_25 | x_refsource_CONFIRM |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:46.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_18_25"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.1.7-6941",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-12-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in info.cgi in Synology Router Manager (SRM) before 1.1.7-6941 allows remote attackers to inject arbitrary web script or HTML via the host parameter."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross-site Scripting (CWE-79)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-24T14:57:01",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_18_25"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2018-12-24T00:00:00",
"ID": "CVE-2018-8918",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synology Router Manager (SRM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "1.1.7-6941"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in info.cgi in Synology Router Manager (SRM) before 1.1.7-6941 allows remote attackers to inject arbitrary web script or HTML via the host parameter."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site Scripting (CWE-79)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_18_25",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_18_25"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2018-8918",
"datePublished": "2018-12-24T15:00:00Z",
"dateReserved": "2018-03-22T00:00:00",
"dateUpdated": "2024-09-17T03:12:24.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-39347
Vulnerability from cvelistv5
Published
2024-06-28 06:30
Modified
2024-08-02 04:26
Severity ?
EPSS score ?
Summary
Incorrect default permissions vulnerability in firewall functionality in Synology Router Manager (SRM) before 1.2.5-8227-11 and 1.3.1-9346-8 allows man-in-the-middle attackers to access highly sensitive intranet resources via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/en-global/security/advisory/Synology_SA_23_16 | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39347",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-01T14:49:31.346987Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-02T16:39:01.301Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:14.241Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Synology-SA-23:16 SRM (PWN2OWN 2023)",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.3.1-9346-8",
"status": "affected",
"version": "1.3",
"versionType": "semver"
},
{
"lessThan": "1.2.5-8227-11",
"status": "affected",
"version": "1.2",
"versionType": "semver"
},
{
"lessThan": "1.2",
"status": "unknown",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tri and Bien Pham (@bienpnn) from Team Orca of Sea Security working with Trend Micro Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"value": "Incorrect default permissions vulnerability in firewall functionality in Synology Router Manager (SRM) before 1.2.5-8227-11 and 1.3.1-9346-8 allows man-in-the-middle attackers to access highly sensitive intranet resources via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276: Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T06:30:10.727Z",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"name": "Synology-SA-23:16 SRM (PWN2OWN 2023)",
"tags": [
"vendor-advisory"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_16"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2024-39347",
"datePublished": "2024-06-28T06:30:10.727Z",
"dateReserved": "2024-06-24T10:57:17.890Z",
"dateUpdated": "2024-08-02T04:26:14.241Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-0142
Vulnerability from cvelistv5
Published
2023-06-13 06:52
Modified
2024-08-02 05:02
Severity ?
EPSS score ?
Summary
Uncontrolled search path element vulnerability in Backup Management Functionality in Synology DiskStation Manager (DSM) before 7.1-42661 allows remote authenticated users to read or write arbitrary files via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/en-global/security/advisory/Synology_SA_23_05 | vendor-advisory | |
| https://www.synology.com/en-global/security/advisory/Synology_SA_23_06 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:02:43.739Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Synology-SA-23:05 DSM",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_05"
},
{
"name": "Synology-SA-23:06 SRM",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "DiskStation Manager (DSM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "7.2.*",
"status": "unaffected",
"version": "7.2",
"versionType": "semver"
},
{
"lessThan": "7.1-42661",
"status": "affected",
"version": "7.1",
"versionType": "semver"
},
{
"lessThan": "7.0.*",
"status": "affected",
"version": "7.0",
"versionType": "semver"
},
{
"lessThan": "6.2.*",
"status": "affected",
"version": "6.2",
"versionType": "semver"
},
{
"lessThan": "6.2",
"status": "unknown",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Unified Controller (DSMUC)",
"vendor": "Synology",
"versions": [
{
"lessThan": "3.1.*",
"status": "affected",
"version": "3.1",
"versionType": "semver"
},
{
"lessThan": "3.1",
"status": "unknown",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.3.*",
"status": "affected",
"version": "1.3",
"versionType": "semver"
},
{
"lessThan": "1.2.*",
"status": "affected",
"version": "1.2",
"versionType": "semver"
},
{
"lessThan": "1.2",
"status": "unknown",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Chanyoung So"
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path element vulnerability in Backup Management Functionality in Synology DiskStation Manager (DSM) before 7.1-42661 allows remote authenticated users to read or write arbitrary files via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-427: Uncontrolled Search Path Element",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T11:17:29.816Z",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"name": "Synology-SA-23:05 DSM",
"tags": [
"vendor-advisory"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_05"
},
{
"name": "Synology-SA-23:06 SRM",
"tags": [
"vendor-advisory"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_06"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2023-0142",
"datePublished": "2023-06-13T06:52:50.745Z",
"dateReserved": "2023-01-10T02:14:16.029Z",
"dateUpdated": "2024-08-02T05:02:43.739Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-13287
Vulnerability from cvelistv5
Published
2019-04-01 14:26
Modified
2024-09-16 20:17
Severity ?
EPSS score ?
Summary
Incorrect default permissions vulnerability in synouser.conf in Synology Router Manager (SRM) before 1.1.7-6941-1 allows remote authenticated users to obtain sensitive information via the world readable configuration.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/security/advisory/Synology_SA_18_34 | x_refsource_CONFIRM |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:00:34.595Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_18_34"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.1.7-6941-1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Incorrect default permissions vulnerability in synouser.conf in Synology Router Manager (SRM) before 1.1.7-6941-1 allows remote authenticated users to obtain sensitive information via the world readable configuration."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "Incorrect Default Permissions (CWE-276)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-01T14:26:58",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_18_34"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2019-03-31T00:00:00",
"ID": "CVE-2018-13287",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synology Router Manager (SRM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "1.1.7-6941-1"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incorrect default permissions vulnerability in synouser.conf in Synology Router Manager (SRM) before 1.1.7-6941-1 allows remote authenticated users to obtain sensitive information via the world readable configuration."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Default Permissions (CWE-276)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/security/advisory/Synology_SA_18_34",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_18_34"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2018-13287",
"datePublished": "2019-04-01T14:26:58.147334Z",
"dateReserved": "2018-07-05T00:00:00",
"dateUpdated": "2024-09-16T20:17:15.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-41740
Vulnerability from cvelistv5
Published
2023-08-31 09:08
Modified
2024-10-01 17:57
Severity ?
EPSS score ?
Summary
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to read specific files via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/en-global/security/advisory/Synology_SA_23_10 | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:09:47.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Synology-SA-23:10 SRM",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_10"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41740",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-01T17:57:01.146070Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T17:57:14.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.3.1-9346-6",
"status": "affected",
"version": "1.3",
"versionType": "semver"
},
{
"lessThan": "1.3",
"status": "unknown",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Claroty Research - Vera Mens, Uri Katz, Noam Moshe, Sharon Brizinov"
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper limitation of a pathname to a restricted directory (\u0027Path Traversal\u0027) vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to read specific files via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-31T09:08:58.115Z",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"name": "Synology-SA-23:10 SRM",
"tags": [
"vendor-advisory"
],
"url": "https://www.synology.com/en-global/security/advisory/Synology_SA_23_10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2023-41740",
"datePublished": "2023-08-31T09:08:58.115Z",
"dateReserved": "2023-08-31T07:54:07.974Z",
"dateUpdated": "2024-10-01T17:57:14.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12078
Vulnerability from cvelistv5
Published
2018-06-08 13:00
Modified
2024-09-17 02:48
Severity ?
EPSS score ?
Summary
Command injection vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931 allows remote authenticated users to execute arbitrary command via the username parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.synology.com/en-global/support/security/Synology_SA_17_79 | x_refsource_CONFIRM |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Synology | Synology Router Manager (SRM) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:28:16.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/en-global/support/security/Synology_SA_17_79"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Synology Router Manager (SRM)",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.1.6-6931",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Command injection vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931 allows remote authenticated users to execute arbitrary command via the username parameter."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Improper Neutralization of Special Elements used in a Command (CWE-77)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-08T12:57:01",
"orgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"shortName": "synology"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/en-global/support/security/Synology_SA_17_79"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@synology.com",
"DATE_PUBLIC": "2018-06-08T00:00:00",
"ID": "CVE-2017-12078",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Synology Router Manager (SRM)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "1.1.6-6931"
}
]
}
}
]
},
"vendor_name": "Synology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Command injection vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931 allows remote authenticated users to execute arbitrary command via the username parameter."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Special Elements used in a Command (CWE-77)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/en-global/support/security/Synology_SA_17_79",
"refsource": "CONFIRM",
"url": "https://www.synology.com/en-global/support/security/Synology_SA_17_79"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "db201096-a0cc-46c7-9a55-61d9e221bf01",
"assignerShortName": "synology",
"cveId": "CVE-2017-12078",
"datePublished": "2018-06-08T13:00:00Z",
"dateReserved": "2017-07-31T00:00:00",
"dateUpdated": "2024-09-17T02:48:07.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}