10 matches found

CVE | added 2023/06/13 8:15 a.m. | 113 views

CVE-2023-2729

Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager (DSM) before 7.2-64561 allows remote attackers to obtain user credential via unspecified vectors.

CVSS 7.5 | AI score 7.4 | EPSS 0.00256

CVE | added 2023/06/13 7:15 a.m. | 57 views

CVE-2023-0142

Uncontrolled search path element vulnerability in Backup Management functionality in Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.0.1-42218-7 and 7.1-42661 allows remote authenticated users with administrator privileges to read or write arbitrary files via unspecified vectors.

CVSS 8.1 | AI score 6.9 | EPSS 0.00121

CVE | added 2023/05/16 8:15 a.m. | 57 views

CVE-2023-32956

Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 9.8 | AI score 9.8 | EPSS 0.02367

CVE | added 2023/01/05 10:15 a.m. | 50 views

CVE-2022-43932

Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to read arbitrary files via unspecified vectors.

CVSS 7.5 | AI score 7.3 | EPSS 0.00162

CVE | added 2023/01/05 10:15 a.m. | 47 views

CVE-2023-0077

Integer overflow or wraparound vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to overflow buffers via unspecified vectors.

CVSS 9.8 | AI score 9.3 | EPSS 0.00259

CVE | added 2023/08/31 10:15 a.m. | 44 views

CVE-2023-41739

Uncontrolled resource consumption vulnerability in File Functionality in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote authenticated users to conduct denial-of-service attacks via unspecified vectors.

CVSS 6.5 | AI score 6.5 | EPSS 0.00329

CVE | added 2023/08/31 10:15 a.m. | 40 views

CVE-2023-41741

Exposure of sensitive information to an unauthorized actor vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to obtain sensitive information via unspecified vectors.

CVSS 7.5 | AI score 7.4 | EPSS 0.00196

CVE | added 2023/08/31 10:15 a.m. | 38 views

CVE-2023-41740

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to read specific files via unspecified vectors.

CVSS 5.3 | AI score 5.8 | EPSS 0.00187

CVE | added 2023/05/16 8:15 a.m. | 36 views

CVE-2023-32955

Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in DHCP Client Functionality in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows man-in-the-middle attackers to execute arbitrary commands via unspecified vectors.

CVSS 8.1 | AI score 8.4 | EPSS 0.00224

CVE | added 2023/08/31 10:15 a.m. | 34 views

CVE-2023-41738

Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in Directory Domain Functionality in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote authenticated users to execute arbitrary commands via unspecified vectors.

CVSS 8.8 | AI score 8.8 | EPSS 0.00501