Router Manager Security Vulnerabilities and Issues — Router Manager CVE List

Lucene search

SynologyRouter Manager

8 matches found

CVE•added 2024/12/09 4:15 a.m.•52 views

CVE-2024-53279

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in file station functionality in Synology Router Manager (SRM) before 1.3.1-9346-10 allows remote authenticated users with administrator privileges to read or write specific files containing non-sensi...

5.9CVSS6AI score0.00143EPSS

CVE•added 2024/12/09 4:15 a.m.•47 views

CVE-2024-53280

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in network center policy route functionality in Synology Router Manager (SRM) before 1.3.1-9346-10 allows remote authenticated users with administrator privileges to read or write specific files conta...

5.9CVSS6AI score0.00143EPSS

CVE•added 2024/12/09 4:15 a.m.•47 views

CVE-2024-53281

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Network WOL functionality in Synology Router Manager (SRM) before 1.3.1-9346-10 allows remote authenticated users to read or write specific files containing non-sensitive information and conduct li...

5.9CVSS5.9AI score0.00143EPSS

CVE•added 2024/12/09 4:15 a.m.•47 views

CVE-2024-53285

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in DDNS Record functionality in Synology Router Manager (SRM) before 1.3.1-9346-10 allows remote authenticated users with administrator privileges to read or write specific files containing non-sensit...

5.9CVSS6AI score0.00143EPSS

CVE•added 2024/12/04 7:15 a.m.•45 views

CVE-2024-11398

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in OTP reset functionality in Synology Router Manager (SRM) before 1.3.1-9346-9 allows remote authenticated users to delete arbitrary files via unspecified vectors.

8.1CVSS6.7AI score0.01035EPSS

CVE•added 2024/12/09 4:15 a.m.•45 views

CVE-2024-53284

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in WiFi Connect Setting functionality in Synology Router Manager (SRM) before 1.3.1-9346-10 allows remote authenticated users with administrator privileges to read or write specific files containing n...

5.9CVSS6AI score0.00143EPSS

CVE•added 2024/12/09 4:15 a.m.•43 views

CVE-2024-53282

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in WiFi Connect MAC Filter functionality in Synology Router Manager (SRM) before 1.3.1-9346-10 allows remote authenticated users with administrator privileges to read or write specific files containin...

5.9CVSS6AI score0.00143EPSS

CVE•added 2024/12/09 4:15 a.m.•43 views

CVE-2024-53283

Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Router Port Forward functionality in Synology Router Manager (SRM) before 1.3.1-9346-10 allows remote authenticated users with administrator privileges to read or write specific files containing no...

5.9CVSS6AI score0.00143EPSS