11 matches found
Vulnerabilities fixed in Synology SSL VPN Client
Synology has fixed vulnerabilities in Synology SSL VPN Client. A malicious party can exploit these vulnerabilities because Synology SSL VPN Client with version before 1.4.5-0684 stores PINs insecurely and does not adequately shield files via a local HTTP server component. This can lead to...
EUVD-2018-20537
Malware in sbrugna...
EUVD-2018-5231
Malware in sbrugna...
EUVD-2023-58034
Malicious code in bioql PyPI...
CVE-2023-5748
Buffer copy without checking size of input 'Classic Buffer Overflow' vulnerability in cgi component in Synology SSL VPN Client before 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors...
Synology SSL VPN Client Security Vulnerability
Synology SSL VPN Client is a VPN client software for secure connection to Synology NAS from China-based Synology Inc. A security vulnerability exists in Synology SSL VPN Client prior to version 1.4.7-0687, which stems from a buffer replication in the cgi component that does not check the input...
PT-2023-32302 · Synology · Synology Ssl Vpn Client
Name of the Vulnerable Software and Affected Versions: Synology SSL VPN Client versions prior to 1.4.7-0687 Description: The issue is related to a buffer copy without checking the size of the input, which is a 'Classic Buffer Overflow' vulnerability in the cgi component. This allows local users t...
CVE-2018-13283
Lack of administrator control over security vulnerability in client.cgi in Synology SSL VPN Client before 1.2.5-0226 allows remote attackers to conduct man-in-the-middle attacks via the 1 command, 2 hostname, or 3 port parameter...
CVE-2018-8929
Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology SSL VPN Client before 1.2.4-0224 allows remote attackers to conduct man-in-the-middle attacks via a crafted payload...
CVE-2018-8929
Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology SSL VPN Client before 1.2.4-0224 allows remote attackers to conduct man-in-the-middle attacks via a crafted payload...
CVE-2018-8929
Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology SSL VPN Client before 1.2.4-0224 allows remote attackers to conduct man-in-the-middle attacks via a crafted payload...