The Multicast DNS (mDNS) responder in Synology DiskStation Manager (DSM) prior to 3.1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote malicious users to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets to the Avahi component.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
synology diskstation manager |