4 matches found
CVE-2022-43931
Out-of-bounds write vulnerability in Remote Desktop Functionality in Synology VPN Plus Server before 1.4.3-0534 and 1.4.4-0635 allows remote attackers to execute arbitrary commands via unspecified vectors...
Synology VPN Plus Server 缓冲区错误漏洞
Synology VPN Plus Server is a product of Synology, a Chinese company, which is used to turn Synology Router into an advanced virtual private network server. A buffer error vulnerability exists in Synology VPN Plus Server version 1.2 up to and including 1.4.3-0534, 1.3 up to and including...
Synology SSO Server Clickjacking Vulnerability
Synology SSO Server is a server software from Synology Inc. of Taiwan, China that provides single sign-on functionality. A security vulnerability exists in the SSOOauth.cgi file in Synology SSO Server versions prior to 2.1.3-0129. A remote attacker can conduct clickjacking attacks via unspecified...
CVE-2017-15887
An improper restriction of excessive authentication attempts vulnerability in /principals in Synology CardDAV Server before 6.0.7-0085 allows remote attackers to obtain user credentials via a brute-force attack...