Lucene search
SynologyCVELIST:CVE-2022-22683HistoryJul 28, 2022 - 7:00 a.m.
CVE-2022-22683
2022-07-2807:00:13
CWE-120
synology
www.cve.org
4
buffer overflow
synology
media server
remote attackers
arbitrary code
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
9.9
Confidence
High
EPSS
0.001
Percentile
49.3%
Buffer copy without checking size of input (‘Classic Buffer Overflow’) vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary code via unspecified vectors.
CNA Affected
[
{
"product": "Media Server",
"vendor": "Synology",
"versions": [
{
"lessThan": "1.8.1-2876",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-22683
2022-07-28 07:15:07
prion
prion
Buffer overflow
2022-07-28 07:15:00
cnvd
cnvd
Synology Media Server Buffer Overflow Vulnerability
2022-07-30 00:00:00
cve
cve
CVE-2022-22683
2022-07-28 07:15:07
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
9.9
Confidence
High
EPSS
0.001
Percentile
49.3%
Related for CVELIST:CVE-2022-22683