Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
router manager vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2023-0142
Uncontrolled search path element vulnerability in Backup Management Functionality in Synology DiskStation Manager (DSM) prior to 7.1-42661 allows remote authenticated users to read or write arbitrary files via unspecified vectors.
Synology Diskstation Manager
Synology Diskstation Manager Unified Controller 3.1
Synology Router Manager 1.3.1-9346
Synology Router Manager
7.5
CVSSv3
CVE-2023-2729
Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager (DSM) prior to 7.2-64561 allows remote malicious users to obtain user credential via unspecified vectors.
Synology Diskstation Manager Unified Controller 3.1
Synology Diskstation Manager
Synology Router Manager 1.3.1-9346
Synology Router Manager
NA
CVE-2010-0594
Cross-site scripting (XSS) vulnerability in Cisco Router and Security Device Manager (SDM) allows remote malicious users to inject arbitrary web script or HTML via unknown vectors, aka Bug ID CSCtb38467.
Cisco Router And Security Device Manager
Cisco Router And Security Device Manager 2.5
7.5
CVSSv3
CVE-2019-11823
CRLF injection vulnerability in Network Center in Synology Router Manager (SRM) prior to 1.2.3-8017-2 allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.
Synology Router Manager
9.8
CVSSv3
CVE-2020-27654
Improper access control vulnerability in lbd in Synology Router Manager (SRM) prior to 1.2.4-8081 allows remote malicious users to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp.
Synology Router Manager
5.9
CVSSv3
CVE-2020-27657
Cleartext transmission of sensitive information vulnerability in DDNS in Synology Router Manager (SRM) prior to 1.2.4-8081 allows man-in-the-middle malicious users to eavesdrop authentication information of DNSExit via unspecified vectors.
Synology Router Manager
4.9
CVSSv3
CVE-2017-12077
Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology Router Manager (SRM) prior to 1.1.4-6509 allows remote authenticated malicious user to exhaust the memory resources of the machine, causing a denial of service attack.
Synology Router Manager
7.2
CVSSv3
CVE-2017-12078
Command injection vulnerability in EZ-Internet in Synology Router Manager (SRM) prior to 1.1.6-6931 allows remote authenticated users to execute arbitrary command via the username parameter.
Synology Router Manager
9
CVSSv3
CVE-2020-27649
Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM) prior to 1.2.4-8081 allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Synology Router Manager
6.1
CVSSv3
CVE-2020-27658
Synology Router Manager (SRM) prior to 1.2.4-8081 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote malicious users to obtain potentially sensitive information via script access to this cookie.
Synology Router Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »