Lucene search
K

261 matches found

CVE
CVE
added 2020/10/29 8:55 a.m.62 views

CVE-2020-27658

Synology SRM (on SRM up to 1.2.4-8081) is affected by CVE-2020-27658: the web interface session cookie id is Set-Cookie without the HttpOnly flag, enabling potential theft of the cookie via injected JavaScript and facilitating an XSS-based information disclosure. TALOS details confirm the vulnera...

7.1CVSS6.6AI score0.01297EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/10/29 8:55 a.m.36 views

CVE-2020-27658

Synology Router Manager SRM before 1.2.4-8081 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie...

7.1CVSS6.8AI score0.01297EPSS
Exploits1References2
CVE
CVE
added 2020/10/29 8:55 a.m.62 views

CVE-2020-27655

CVE-2020-27655 is an improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081, where inbound QuickConnect traffic can reach restricted resources. Talos documents a QuickConnect iptables misconfiguration in SRM that allows packets from the QuickConnect VPN (tun1000)...

10CVSS9.3AI score0.01745EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/10/29 8:55 a.m.52 views

CVE-2020-27657

CVE-2020-27657 is associated with Synology SRM where a DNSExit DDNS update over SRM’s DDNS feature transmits credentials in cleartext. The TALOS analysis (TALOS-2020-1071) describes an information disclosure in the dnsExit DDNS provider: SRM 1.2.3 RT2600ac 8017-5 uses a PHP script dnsexit.php tha...

6.5CVSS6.3AI score0.00578EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/10/29 8:55 a.m.36 views

CVE-2020-27655

Improper access control vulnerability in Synology Router Manager SRM before 1.2.4-8081 allows remote attackers to access restricted resources via inbound QuickConnect traffic...

6.5CVSS9.5AI score0.01745EPSS
Exploits1References2
CVE
CVE
added 2020/10/29 8:55 a.m.55 views

CVE-2020-27654

CVE-2020-27654 relates to Synology Router Manager (SRM) where the Qualcomm lbd service (two instances, port 7786 and 7787) lacks authentication. The flaw allows remote attackers to execute arbitrary commands as root due to improper access control, enabling remote code execution via the lbd dbg me...

9.8CVSS9.8AI score0.04625EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2020/10/29 8:55 a.m.53 views

CVE-2020-27649

CVE-2020-27649 is an improper certificate validation vulnerability in the OpenVPN client used by Synology SRM. The issue enables MITM attackers to spoof the VPN server and access sensitive data via a crafted certificate on SRM versions prior to 1.2.4-8081. Talos describes an in-depth attack chain...

9CVSS8.5AI score0.00711EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/10/29 8:55 a.m.53 views

CVE-2020-27651

CVE-2020-27651 affects Synology SRM (RT2600ac) prior to 1.2.4-8081. The issue is that the web interface session cookie is issued without the Secure flag in HTTPS, enabling an attacker to capture the cookie via MITM in an HTTP session. Talos documentation confirms the vulnerable SRM web interface ...

8.1CVSS8.4AI score0.00762EPSS
Exploits1References2Affected Software1
Talos
Talos
added 2020/10/29 12:0 a.m.115 views

Synology SRM dnsExit DDNS provider information disclosure vulnerability

Summary An information disclosure vulnerability exists in the dnsExit DDNS provider functionality of Synology SRM 1.2.3 RT2600ac 8017-5. A specially crafted man-in-the-middle attack can steal the dnsExit credentials to take over the registered subdomain. An attacker can impersonate the remote...

5AI score
Exploits0
Talos
Talos
added 2020/10/29 12:0 a.m.64 views

Synology SRM lbd service Command Execution Vulnerability

Summary An exploitable command execution vulnerability exists in the lbd service functionality of Qualcomm lbd 1.1, as present in Synology SRM 1.2.3 RT2600ac 8017-5. A specially crafted debug command can overwrite arbitrary files with controllable content, resulting in remote code execution. An...

9.8CVSS10AI score0.20075EPSS
Exploits1
Talos
Talos
added 2020/10/29 12:0 a.m.42 views

Synology SRM web interface session cookie secure flag Information Disclosure Vulnerability

Talos Vulnerability Report TALOS-2020-1059 Synology SRM web interface session cookie secure flag Information Disclosure Vulnerability October 29, 2020 CVE Number CVE-2020-27651 SUMMARY An exploitable information disclosure vulnerability exists in the web interface session cookie functionality of...

8.1CVSS6.5AI score0.00762EPSS
Exploits1
Talos
Talos
added 2020/10/29 12:0 a.m.111 views

Synology SRM QuickConnect HTTP connection Information Disclosure Vulnerability

Talos Vulnerability Report TALOS-2020-1061 Synology SRM QuickConnect HTTP connection Information Disclosure Vulnerability October 29, 2020 CVE Number CVE-2020-27653 SUMMARY An exploitable information disclosure vulnerability exists in the QuickConnect HTTP connection functionality of Synology SRM...

8.3CVSS7.7AI score0.00822EPSS
Exploits1
Openbugbounty
Openbugbounty
added 2020/10/14 1:59 a.m.15 views

srm.rldatix.com Cross Site Scripting vulnerability OBB-1405944

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

6.2AI score
Exploits0
Talos
Talos
added 2020/05/06 12:0 a.m.42 views

Synology SRM DHCP monitor hostname parsing Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the DHCP monitor’s hostname parsing functionality of Synology SRM 1.2.3 MR2200ac 8017 and 1.2.3 RT2600ac 8017. A specially crafted network request can cause an out-of-bounds read resulting in a denial of service. An attacker can sen...

8.6CVSS8.2AI score0.02445EPSS
Exploits1
NVD
NVD
added 2020/05/04 10:15 a.m.21 views

CVE-2019-11823

CRLF injection vulnerability in Network Center in Synology Router Manager SRM before 1.2.3-8017-2 allows remote attackers to cause a denial of service out-of-bounds read and application crash via crafted network traffic...

8.6CVSS8.3AI score0.02445EPSS
Exploits1References2
Prion
Prion
added 2020/05/04 10:15 a.m.16 views

Crlf injection

CRLF injection vulnerability in Network Center in Synology Router Manager SRM before 1.2.3-8017-2 allows remote attackers to cause a denial of service out-of-bounds read and application crash via crafted network traffic...

5CVSS7.3AI score0.02445EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/05/04 10:0 a.m.58 views

CVE-2019-11823

CVE-2019-11823 is a CRLF-injection DoS vulnerability in the Synology Router Manager (SRM) Network Center, exploitable on SRM versions before 1.2.3-8017-2. An attacker can send crafted network traffic to trigger an out-of-bounds read, crashing the application. Multiple sources (NVD, CVE lists, Syn...

8.6CVSS7.4AI score0.02445EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2019/09/10 4:9 p.m.62 views

CVE-2019-0361

Summary : CVE-2019-0361 affects SAP Supplier Relationship Management (SRM) – specifically the Master Data Management Catalog (SRM_MDM_CAT) . The vulnerability arises because the component does not sufficiently encode user-controlled inputs , resulting in a Cross-Site Scripting (XSS) issue. Affect...

6.1CVSS5.9AI score0.00648EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2019/08/08 12:0 a.m.2 views

Information Leakage Vulnerability in Zhenyun Technology's HAND SRM System

Zhen Yun Technology HAND SRM system is a one-stop digital management platform based on SaaS service/technology architecture. An information leakage vulnerability exists in Zhen Yun Technology HAND SRM System, which can be exploited by attackers to obtain sensitive information...

6.5AI score
Exploits0
NVD
NVD
added 2019/04/01 3:29 p.m.22 views

CVE-2018-13292

Information exposure vulnerability in /usr/syno/etc/mount.conf in Synology Router Manager SRM before 1.1.7-6941-2 allows remote authenticated users to obtain sensitive information via the world readable configuration...

4.3CVSS4.1AI score0.01297EPSS
Exploits0References1
Rows per page
Query Builder