What are you looking for ?
IT Press Tour
RAIDON

Synology Security Advisory SA-25:10 RADIUS Server

Concerning resolved vulnerability with security update for RADIUS Server package in SRM

Synology, Inc. had published a security advisory concerning resolved vulnerability in RADIUS Server package in SRM.

Publish Time: 2025-08-29 15:19:24 UTC+8
Last Updated: 2025-09-01 09:34:25 UTC+8
Severity: Moderate
Status: Resolved

Abstract
Synology has released a security update for the RADIUS Server package in SRM to address a vulnerability:

  • CVE-2024-13987 allows remote authenticated users with administrator privileges to read or write limited files.

Refer to ‘Affected Products’ table for the corresponding updates.

Affected Products

Product

Severity

Fixed Release Availability

RADIUS Server for DSM 7.2.2

Moderate

Upgrade to 3.0.27-0516 or above.

RADIUS Server for DSM 7.1

Moderate

Upgrade to 3.0.27-0453 or above.

RADIUS Server for SRM 1.3

Moderate

Upgrade to 3.0.27-0139 or above.

Mitigation: None

Detail:

Acknowledgement:
Only Hack in Cave (tr4ce(Jinho Ju), neko_hat(Dohwan Kim), tw0n3(Han Lee), Hc0wl(GangMin Kim))

Reference: CVE-2024-13987

Revision:

Revision

Date

Description

1

2025-08-29

Initial public release.

2

2025-08-29

Disclosed vulnerability details.

3

2025-09-01

Disclosed vulnerability details.

 

Articles_bottom
ExaGrid
AIC
ATTO
OPEN-E