Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology router manager vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-27658
Synology Router Manager (SRM) prior to 1.2.4-8081 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote malicious users to obtain potentially sensitive information via script access to this cookie.
Synology Router Manager
383
VMScore
CVE-2019-9495
The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary f...
W1.fi Hostapd
W1.fi Wpa Supplicant
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Debian Debian Linux 8.0
Synology Radius Server 3.0
Synology Router Manager
Freebsd Freebsd 11.2
Freebsd Freebsd 12.0
356
VMScore
CVE-2019-19344
There is a use-after-free issue in all samba 4.9.x versions prior to 4.9.18, all samba 4.10.x versions prior to 4.10.12 and all samba 4.11.x versions prior to 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.
Samba Samba
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Directory Server -
Synology Router Manager 1.2
Opensuse Leap 15.1
356
VMScore
CVE-2018-13287
Incorrect default permissions vulnerability in synouser.conf in Synology Router Manager (SRM) prior to 1.1.7-6941-1 allows remote authenticated users to obtain sensitive information via the world readable configuration.
Synology Router Manager
356
VMScore
CVE-2018-13290
Information exposure vulnerability in SYNO.Core.ACL in Synology Router Manager (SRM) prior to 1.1.7-6941-2 allows remote authenticated users to determine the existence of files or obtain sensitive information of files via the file_path parameter.
Synology Router Manager
356
VMScore
CVE-2018-13292
Information exposure vulnerability in /usr/syno/etc/mount.conf in Synology Router Manager (SRM) prior to 1.1.7-6941-2 allows remote authenticated users to obtain sensitive information via the world readable configuration.
Synology Router Manager
356
VMScore
CVE-2017-15895
Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology Router Manager (SRM) prior to 1.1.5-6542-4 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter.
Synology Router Manager
356
VMScore
CVE-2017-12077
Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology Router Manager (SRM) prior to 1.1.4-6509 allows remote authenticated malicious user to exhaust the memory resources of the machine, causing a denial of service attack.
Synology Router Manager
320
VMScore
CVE-2019-3870
A vulnerability was found in Samba from version (including) 4.9 to versions prior to 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only a...
Samba Samba
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Synology Diskstation Manager 5.2
Synology Diskstation Manager 6.1
Synology Diskstation Manager 6.2
Synology Directory Server -
Synology Router Manager 1.2
Synology Skynas Firmware -
Synology Vs960hd Firmware
312
VMScore
CVE-2018-8918
Cross-site scripting (XSS) vulnerability in info.cgi in Synology Router Manager (SRM) prior to 1.1.7-6941 allows remote malicious users to inject arbitrary web script or HTML via the host parameter.
Synology Router Manager
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »