Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
router manager vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2018-13290
Information exposure vulnerability in SYNO.Core.ACL in Synology Router Manager (SRM) prior to 1.1.7-6941-2 allows remote authenticated users to determine the existence of files or obtain sensitive information of files via the file_path parameter.
Synology Router Manager
4
CVSSv2
CVE-2018-13292
Information exposure vulnerability in /usr/syno/etc/mount.conf in Synology Router Manager (SRM) prior to 1.1.7-6941-2 allows remote authenticated users to obtain sensitive information via the world readable configuration.
Synology Router Manager
NA
CVE-2022-43932
Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in CGI component in Synology Router Manager (SRM) prior to 1.2.5-8227-6 and 1.3.1-9346-3 allows remote malicious users to read arbitrary files via unspecifie...
Synology Router Manager
3.5
CVSSv2
CVE-2018-8918
Cross-site scripting (XSS) vulnerability in info.cgi in Synology Router Manager (SRM) prior to 1.1.7-6941 allows remote malicious users to inject arbitrary web script or HTML via the host parameter.
Synology Router Manager
NA
CVE-2023-0077
Integer overflow or wraparound vulnerability in CGI component in Synology Router Manager (SRM) prior to 1.2.5-8227-6 and 1.3.1-9346-3 allows remote malicious users to overflow buffers via unspecified vectors.
Synology Router Manager
NA
CVE-2023-41739
Uncontrolled resource consumption vulnerability in File Functionality in Synology Router Manager (SRM) prior to 1.3.1-9346-6 allows remote authenticated users to conduct denial-of-service attacks via unspecified vectors.
Synology Router Manager
NA
CVE-2023-41740
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology Router Manager (SRM) prior to 1.3.1-9346-6 allows remote malicious users to read specific files via unspecified vectors.
Synology Router Manager
5.1
CVSSv2
CVE-2020-27653
Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) prior to 1.2.4-8081 allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via unspecified vectors.
Synology Router Manager
Synology Diskstation Manager 6.2.3 25426
1 Github repository
8.3
CVSSv2
CVE-2019-9501
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_sup_eapol. In the worst case scenario, by sending specially-crafted WiFi packets,...
Synology Router Manager 1.2
Broadcom Bcm4339 Firmware -
1 Article
8.3
CVSSv2
CVE-2019-9502
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. If the vendor information element data length is larger than 164 bytes, a heap buffer overflow is triggered in wlc_wpa_plumb_gtk. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, ...
Synology Router Manager 1.2
Broadcom Bcm4339 Firmware -
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »