Synology Security Advisory SA-22:06 Concerning Netatalk
Multiple vulnerabilities allow remote attackers to obtain sensitive information and possibly execute arbitrary code via a susceptible version of DSM and SRM.
This is a Press Release edited by StorageNewsletter.com on May 24, 2022 at 2:01 pm
Synology Inc. has published a security advisory concerning Netatalk, which provides file access through AFP (Apple Filing Protocol) on the DSM NAS OS.
Publish time: 2022-04-28 13:32:54 UTC+8
Last updated: 2022-05-18 10:03:14 UTC+8
Severity: Critical
Status: Ongoing
Abstract
Multiple vulnerabilities allow remote attackers to obtain sensitive information and possibly execute arbitrary code via a susceptible version of the firm’s DiskStation Manager (DSM) and Synology Router Manager (SRM).
Affected products:
Mitigation
Netatalk provides file access through AFP (Apple Filing Protocol) on the DSM NAS OS. This service has been disabled by default since DSM 7.0. The company recommends using the SMB protocol instead when connecting from macOS.
For the firm’s systems not yet upgraded to DSM 7.1-42661-1 or newer, administrators can disable the ‘AFP service’ to mitigate these vulnerabilities. In environments where AFP is still needed, firewall rules that only allow trusted clients to connect over AFP (TCP port 548) can serve as a temporary mitigation.
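Both mitigations above (disabling AFP, or firewalling port 548 to trusted clients) can be verified from the network rather than only from the DSM control panel. The following probe is an added example and is not Synology's or Netatalk's code: it sends a DSI GetStatus request, the unauthenticated status query every AFP-over-TCP server answers, and classifies the host as exposed, closed, or filtered. It assumes the 16-byte DSI header layout from Apple's DSI specification (flags, command, request ID, error code/data offset, total data length, reserved) and the FPGetSrvrInfo reply layout (five 2-byte offset/flag fields followed by the server name as a Pascal string); the sample reply used for the offline demonstration is constructed here, not captured from a real device.

```python
import socket
import struct

AFP_PORT = 548
DSI_GETSTATUS = 3  # DSI command code for GetStatus (Apple DSI spec)

# DSI header: flags(1) command(1) request_id(2) error_code/data_offset(4, signed)
#             total_data_length(4) reserved(4)  -- 16 bytes, big-endian
DSI_HEADER = struct.Struct("!BBHiII")
DSI_REQUEST, DSI_REPLY = 0x00, 0x01


def build_getstatus(request_id: int = 1) -> bytes:
    """Build a DSI GetStatus request; no session or credentials are needed."""
    return DSI_HEADER.pack(DSI_REQUEST, DSI_GETSTATUS, request_id, 0, 0, 0)


def _pascal(buf: bytes, offset: int) -> str:
    """Decode a length-prefixed (Pascal) string at `offset`."""
    length = buf[offset]
    return buf[offset + 1 : offset + 1 + length].decode("ascii", "replace")


def parse_reply(data: bytes) -> dict:
    """Parse a DSI reply; for GetStatus, pull the server name and machine type
    out of the FPGetSrvrInfo payload (offsets are relative to payload start)."""
    if len(data) < DSI_HEADER.size:
        raise ValueError("short DSI header")
    flags, command, request_id, error, total_len, _ = DSI_HEADER.unpack_from(data)
    if flags != DSI_REPLY:
        raise ValueError("not a DSI reply")
    payload = data[DSI_HEADER.size : DSI_HEADER.size + total_len]
    info = {"command": command, "request_id": request_id, "error": error}
    if command == DSI_GETSTATUS and len(payload) >= 10:
        machine_off, _afp_vers_off, _uam_off, _icon_off, _flags = struct.unpack_from(
            "!HHHHH", payload
        )
        info["server_name"] = _pascal(payload, 10)  # immediately after the 5 fields
        info["machine_type"] = _pascal(payload, machine_off)
    return info


def make_sample_reply() -> bytes:
    """Constructed sample of what a Netatalk server returns (not a real capture)."""
    name = b"\x05NAS01"            # ServerName at payload offset 10
    machine = b"\x0bNetatalk3.1"   # MachineType at payload offset 16
    payload = struct.pack("!HHHHH", 10 + len(name), 0, 0, 0, 0) + name + machine
    return DSI_HEADER.pack(DSI_REPLY, DSI_GETSTATUS, 1, 0, len(payload), 0) + payload


def probe(host: str, port: int = AFP_PORT, timeout: float = 3.0) -> dict:
    """Classify AFP reachability from this client's vantage point:
    'exposed'  -> AFP answered, the mitigation is NOT in effect for this client
    'closed'   -> connection refused, service disabled (or firewall rejects)
    'filtered' -> no answer, firewall drops the connection"""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(build_getstatus())
            data = sock.recv(4096)
    except ConnectionRefusedError:
        return {"host": host, "state": "closed"}
    except (socket.timeout, OSError):
        return {"host": host, "state": "filtered"}
    try:
        return {"host": host, "state": "exposed", **parse_reply(data)}
    except ValueError:
        return {"host": host, "state": "open-not-afp"}


if __name__ == "__main__":
    # Offline demonstration on the constructed reply; replace with probe("nas.example")
    # (hypothetical hostname) to test a real device from an untrusted subnet.
    print(parse_reply(make_sample_reply()))
```

Run the probe from a host that is not in the trusted-client allow list: after the firewall rule is applied it should report "filtered" or "closed", and after the AFP service is disabled it should report "closed" from every client. Any "exposed" result from an untrusted network means the temporary mitigation is not actually covering that path.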
Detail: Reserved
Reference:
- Netatalk 3.1.13
- CVE-2022-0194
- CVE-2022-23121
- CVE-2022-23122
- CVE-2022-23123
- CVE-2022-23124
- CVE-2022-23125