Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synology router manager vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2018-13292
Information exposure vulnerability in /usr/syno/etc/mount.conf in Synology Router Manager (SRM) prior to 1.1.7-6941-2 allows remote authenticated users to obtain sensitive information via the world readable configuration.
Synology Router Manager
5.3
CVSSv3
CVE-2018-13289
Information exposure vulnerability in SYNO.FolderSharing.List in Synology Router Manager (SRM) prior to 1.1.7-6941-2 allows remote malicious users to obtain sensitive information via the (1) folder_path or (2) real_path parameter.
Synology Router Manager
5.4
CVSSv3
CVE-2018-8918
Cross-site scripting (XSS) vulnerability in info.cgi in Synology Router Manager (SRM) prior to 1.1.7-6941 allows remote malicious users to inject arbitrary web script or HTML via the host parameter.
Synology Router Manager
9.8
CVSSv3
CVE-2018-1160
Netatalk prior to 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.
Netatalk Netatalk
Synology Skynas -
Synology Diskstation Manager
Synology Router Manager
Synology Vs960hd Firmware -
Debian Debian Linux 9.0
1 EDB exploit
3 Github repositories
7.2
CVSSv3
CVE-2017-12078
Command injection vulnerability in EZ-Internet in Synology Router Manager (SRM) prior to 1.1.6-6931 allows remote authenticated users to execute arbitrary command via the username parameter.
Synology Router Manager
5.3
CVSSv3
CVE-2018-7170
ntpd in ntp 4.2.x prior to 4.2.8p7 and 4.3.x prior to 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issu...
Ntp Ntp
Ntp Ntp 4.2.8
Synology Diskstation Manager
Synology Router Manager
Synology Skynas
Synology Virtual Diskstation Manager
Synology Vs960hd Firmware
Netapp Hci -
Netapp Solidfire -
Hpe Hpux-ntp
7.5
CVSSv3
CVE-2018-7184
ntpd in ntp 4.2.8p4 prior to 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote malicious users to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting ...
Ntp Ntp 4.2.8
Synology Skynas -
Synology Router Manager 1.1
Synology Diskstation Manager 6.1
Synology Diskstation Manager 6.0
Synology Virtual Diskstation Manager -
Synology Diskstation Manager 5.2
Synology Vs960hd Firmware -
Slackware Slackware Linux 14.0
Slackware Slackware Linux 14.1
Slackware Slackware Linux 14.2
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Netapp Steelstore Cloud Integrated Storage -
Netapp Cloud Backup -
7.5
CVSSv3
CVE-2018-7185
The protocol engine in ntp 4.2.6 prior to 4.2.8p11 allows a remote malicious users to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the ...
Ntp Ntp
Ntp Ntp 4.2.8
Synology Diskstation Manager
Synology Router Manager
Synology Skynas
Synology Virtual Diskstation Manager
Synology Vs960hd Firmware
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Netapp Hci -
Netapp Solidfire -
Hpe Hpux-ntp
Oracle Fujitsu M10-1 Firmware
Oracle Fujitsu M10-4 Firmware
Oracle Fujitsu M10-4s Firmware
Oracle Fujitsu M12-1 Firmware
Oracle Fujitsu M12-2 Firmware
Oracle Fujitsu M12-2s Firmware
5.6
CVSSv3
CVE-2017-5753
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Intel Atom C C2308
Intel Atom C C2316
Intel Atom C C2338
Intel Atom C C2350
Intel Atom C C2358
Intel Atom C C2508
Intel Atom C C2516
Intel Atom C C2518
Intel Atom C C2530
Intel Atom C C2538
Intel Atom C C2550
Intel Atom C C2558
Intel Atom C C2718
Intel Atom C C2730
Intel Atom C C2738
Intel Atom C C2750
Intel Atom C C2758
Intel Atom C C3308
Intel Atom C C3338
Intel Atom C C3508
Intel Atom C C3538
Intel Atom C C3558
1 EDB exploit
42 Github repositories
9 Articles
6.5
CVSSv3
CVE-2017-15895
Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology Router Manager (SRM) prior to 1.1.5-6542-4 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter.
Synology Router Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »