4 matches found
Synology DSM Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-27653)
Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager DSM before 6.2.325426 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors. This plugin only works with Tenable.ot. Please visit...
CVE-2020-27653
Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager SRM before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors...
CVE-2020-27653
CVE-2020-27653 affects Synology SRM (SRM 1.2.x) via QuickConnect. Talos documents an information-disclosure/mitm scenario where an attacker downgrades the VPN/HTTPS channel from HTTPS to HTTP, enabling interception of web traffic and session cookies. Affected versions include SRM 1.2.3 RT2600ac a...
CVE-2020-27653
Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager SRM before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors...