4 matches found
CVE-2023-2729
Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager DSM before 7.2-64561 allows remote attackers to obtain user credential via unspecified vectors...
New Admin Takeover Vulnerability Exposed in Synology's DiskStation Manager
A medium-severity flaw has been discovered in Synology's DiskStation Manager DSM that could be exploited to decipher an administrator's password and remotely hijack the account. "Under some rare conditions, an attacker could leak enough information to restore the seed of the pseudorandom number...
CVE-2023-2729
Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager DSM before 7.2-64561 allows remote attackers to obtain user credential via unspecified vectors...
CVE-2023-2729
CVE-2023-2729 affects Synology DiskStation Manager (DSM) prior to 7.2-64561, where the user management functionality relies on insufficiently random values, enabling remote attackers to obtain user credentials via unspecified vectors. Root cause: weak randomness in PRNG construction during admin ...