Lucene search
HistoryJul 28, 2022 - 7:15 a.m.
CVE-2022-22683
buffer overflow
synology media server
remote attackers
arbitrary code execution
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
49.3%
Buffer copy without checking size of input (‘Classic Buffer Overflow’) vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary code via unspecified vectors.
Affected configurations
Node
synologymedia_serverRange<1.8.1-2876
synologydiskstation_managerMatch6.2
Node
synologymedia_serverRange<1.4-2665
synologyrouter_managerMatch1.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| synology | media_server | * | cpe:2.3:a:synology:media_server:*:*:*:*:*:*:*:* |
| synology | diskstation_manager | 6.2 | cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:* |
| synology | router_manager | 1.2 | cpe:2.3:a:synology:router_manager:1.2:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2022-22683
2022-07-28 07:00:13
prion
prion
Buffer overflow
2022-07-28 07:15:00
cnvd
cnvd
Synology Media Server Buffer Overflow Vulnerability
2022-07-30 00:00:00
cve
cve
CVE-2022-22683
2022-07-28 07:15:07
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
49.3%
Related for NVD:CVE-2022-22683