Synology Security Advisory SA-24:03 SRM on Resolved Vunerabilities
Concerning susceptible version of Synology Router Manager
This is a Press Release edited by StorageNewsletter.com on March 20, 2024 at 2:01 pmSynology, Inc. had published a security advisory concerning resolved vulnerabilities on susceptible version of Synology Router Manager (SRM).
Publish time: 2024-03-12 14:15:45 UTC+8
Last updated: 2024-03-12 14:15:45 UTC+8
Severity : Important
Status : Resolved
Abstract
Multiple vulnerabilities allow remote attackers or remote authenticated users to inject arbitrary web script or HTML, remote authenticated users to bypass security constraints, and remote authenticated users to read specific files via a susceptible version of SRM.
Affected products
|
Product |
Severity |
Fixed release availability |
|---|---|---|
|
SRM 1.3 |
Important |
Upgrade to 1.3.1-9346-9 or above. |
Mitigation : None
Detail : Reserved
Acknowledgement: Tim Coen (https://security-consulting.icu/)
Revision
|
Revision |
Date |
Description |
|---|---|---|
|
1 |
2024-03-12 |
Initial public release. |
Subscribe to our free daily newsletter
