Lucene search

K

10 matches found

CVE
CVE
added 2024/12/09 4:15 a.m.51 views

CVE-2024-53279

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in file station functionality in Synology Router Manager (SRM) before 1.3.1-9346-10 allows remote authenticated users with administrator privileges to read or write specific files containing non-sensi...

5.9CVSS6AI score0.00125EPSS
CVE
CVE
added 2024/12/09 4:15 a.m.46 views

CVE-2024-53280

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in network center policy route functionality in Synology Router Manager (SRM) before 1.3.1-9346-10 allows remote authenticated users with administrator privileges to read or write specific files conta...

5.9CVSS6AI score0.00125EPSS
CVE
CVE
added 2024/12/09 4:15 a.m.46 views

CVE-2024-53281

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Network WOL functionality in Synology Router Manager (SRM) before 1.3.1-9346-10 allows remote authenticated users to read or write specific files containing non-sensitive information and conduct li...

5.9CVSS5.9AI score0.00125EPSS
CVE
CVE
added 2024/12/09 4:15 a.m.46 views

CVE-2024-53285

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in DDNS Record functionality in Synology Router Manager (SRM) before 1.3.1-9346-10 allows remote authenticated users with administrator privileges to read or write specific files containing non-sensit...

5.9CVSS6AI score0.00125EPSS
CVE
CVE
added 2024/12/04 7:15 a.m.44 views

CVE-2024-11398

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in OTP reset functionality in Synology Router Manager (SRM) before 1.3.1-9346-9 allows remote authenticated users to delete arbitrary files via unspecified vectors.

8.1CVSS6.7AI score0.00907EPSS
CVE
CVE
added 2024/12/09 4:15 a.m.44 views

CVE-2024-53284

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in WiFi Connect Setting functionality in Synology Router Manager (SRM) before 1.3.1-9346-10 allows remote authenticated users with administrator privileges to read or write specific files containing n...

5.9CVSS6AI score0.00125EPSS
CVE
CVE
added 2024/06/28 7:15 a.m.42 views

CVE-2024-39347

Incorrect default permissions vulnerability in firewall functionality in Synology Router Manager (SRM) before 1.2.5-8227-11 and 1.3.1-9346-8 allows man-in-the-middle attackers to access highly sensitive intranet resources via unspecified vectors.

5.9CVSS5.6AI score0.0015EPSS
CVE
CVE
added 2024/12/09 4:15 a.m.42 views

CVE-2024-53282

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in WiFi Connect MAC Filter functionality in Synology Router Manager (SRM) before 1.3.1-9346-10 allows remote authenticated users with administrator privileges to read or write specific files containin...

5.9CVSS6AI score0.00125EPSS
CVE
CVE
added 2024/12/09 4:15 a.m.41 views

CVE-2024-53283

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Router Port Forward functionality in Synology Router Manager (SRM) before 1.3.1-9346-10 allows remote authenticated users with administrator privileges to read or write specific files containing no...

5.9CVSS6AI score0.00125EPSS
CVE
CVE
added 2024/06/28 7:15 a.m.30 views

CVE-2024-39348

Download of code without integrity check vulnerability in AirPrint functionality in Synology Router Manager (SRM) before 1.2.5-8227-11 and 1.3.1-9346-8 allows man-in-the-middle attackers to execute arbitrary code via unspecified vectors.

7.5CVSS7.9AI score0.0018EPSS