Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology router manager vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2020-27655
Improper access control vulnerability in Synology Router Manager (SRM) prior to 1.2.4-8081 allows remote malicious users to access restricted resources via inbound QuickConnect traffic.
Synology Router Manager
9.8
CVSSv3
CVE-2023-32956
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in CGI component in Synology Router Manager (SRM) prior to 1.2.5-8227-6 and 1.3.1-9346-3 allows remote malicious users to execute arbitrary code via unspecified vect...
Synology Router Manager
9.8
CVSSv3
CVE-2023-0077
Integer overflow or wraparound vulnerability in CGI component in Synology Router Manager (SRM) prior to 1.2.5-8227-6 and 1.3.1-9346-3 allows remote malicious users to overflow buffers via unspecified vectors.
Synology Router Manager
9.8
CVSSv3
CVE-2020-27654
Improper access control vulnerability in lbd in Synology Router Manager (SRM) prior to 1.2.4-8081 allows remote malicious users to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp.
Synology Router Manager
9.8
CVSSv3
CVE-2018-1160
Netatalk prior to 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.
Netatalk Netatalk
Synology Skynas -
Synology Diskstation Manager
Synology Router Manager
Synology Vs960hd Firmware -
Debian Debian Linux 9.0
1 EDB exploit
3 Github repositories
9.8
CVSSv3
CVE-2017-14491
Heap-based buffer overflow in dnsmasq prior to 2.78 allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
Thekelleys Dnsmasq
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.04
Debian Debian Linux 7.1
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Opensuse Leap 42.3
Opensuse Leap 42.2
Suse Linux Enterprise Server 11
Suse Linux Enterprise Debuginfo 11
Suse Linux Enterprise Server 12
Suse Linux Enterprise Point Of Sale 11
Nvidia Linux For Tegra
1 EDB exploit
9 Github repositories
9
CVSSv3
CVE-2020-27649
Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM) prior to 1.2.4-8081 allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Synology Router Manager
8.8
CVSSv3
CVE-2023-41738
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in Directory Domain Functionality in Synology Router Manager (SRM) prior to 1.3.1-9346-6 allows remote authenticated users to execute arbitrary commands via unspecif...
Synology Router Manager
8.8
CVSSv3
CVE-2019-9501
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_sup_eapol. In the worst case scenario, by sending specially-crafted WiFi packets,...
Synology Router Manager 1.2
Broadcom Bcm4339 Firmware -
1 Article
8.8
CVSSv3
CVE-2019-9502
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. If the vendor information element data length is larger than 164 bytes, a heap buffer overflow is triggered in wlc_wpa_plumb_gtk. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, ...
Synology Router Manager 1.2
Broadcom Bcm4339 Firmware -
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »