4 matches found
Synology DiskStation Manager Cleartext Transmission of Sensitive Information (CVE-2021-26564)
Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager DSM before 6.2.3-25426-3 allows man-in-the-middle attackers to spoof servers via an HTTP session. This plugin only works with Tenable.ot. Please visit...
Synology DiskStation Manager (DSM) 6.2.x < 6.2.3-25426-3 Multiple Vulnerabilities (Synology-SA-20:26) - Remote Known Vulnerable Versions Check
Synology DiskStation Manager DSM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Synology DiskStation Manager (DSM) 6.2.x < 6.2.3-25426-3 Multiple Vulnerabilities (Synology-SA-20:26) - Unreliable Remote Version Check
Synology DiskStation Manager DSM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2021-26564
CVE-2021-26564 is a vulnerability in Synology DiskStation Manager (DSM) due to cleartext transmission in the synorelayd component prior to version 6.2.3-25426-3. The flaw allows man-in-the-middle attackers to spoof servers via an HTTP session, exposing sensitive information. Connected sources ali...