Router Manager@1.2 Security Vulnerabilities and Issues — Router Manager@1.2 CVE List

Lucene search

SynologyRouter Manager1.2

7 matches found

CVE•added 2020/01/21 6:15 p.m.•406 views

CVE-2019-14907

All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authenti...

6.5CVSS6.5AI score0.05927EPSS

CVE•added 2020/02/03 9:15 p.m.•271 views

CVE-2019-9501

The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_sup_eapol. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthen...

8.8CVSS7AI score0.03057EPSS

CVE•added 2020/02/03 9:15 p.m.•265 views

CVE-2019-9502

The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. If the vendor information element data length is larger than 164 bytes, a heap buffer overflow is triggered in wlc_wpa_plumb_gtk. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated att...

8.8CVSS7AI score0.01908EPSS

CVE•added 2019/04/17 2:29 p.m.•242 views

CVE-2019-9499

The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection w...

8.1CVSS8AI score0.01603EPSS

CVE•added 2019/04/17 2:29 p.m.•218 views

CVE-2019-9498

The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaini...

8.1CVSS7.9AI score0.01603EPSS

CVE•added 2020/01/21 6:15 p.m.•214 views

CVE-2019-19344

There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.

6.5CVSS6.3AI score0.0213EPSS

CVE•added 2019/04/09 4:29 p.m.•90 views

CVE-2019-3870

A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in som...

6.1CVSS6.1AI score0.00255EPSS