Known Vulnerabilities for Router Manager by Synology

Listed below are 10 of the newest known vulnerabilities associated with "Router Manager" by "Synology".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2022-22683	Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology Media Serve...	9.8 - CRITICAL	2022-07-28	2022-08-03
CVE-2020-27658	Synology Router Manager (SRM) before 1.2.4-8081 does not include the HTTPOnly flag in a Set-Cookie header for the session coo...	6.1 - MEDIUM	2020-10-29	2020-11-03
CVE-2020-27657	Cleartext transmission of sensitive information vulnerability in DDNS in Synology Router Manager (SRM) before 1.2.4-8081 allo...	5.9 - MEDIUM	2020-10-29	2020-11-03
CVE-2020-27655	Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to access re...	10 - CRITICAL	2020-10-29	2022-11-16
CVE-2020-27654	Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to ex...	9.8 - CRITICAL	2020-10-29	2022-11-16
CVE-2020-27653	Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle...	8.3 - HIGH	2020-10-29	2022-11-16
CVE-2020-27651	Synology Router Manager (SRM) before 1.2.4-8081 does not set the Secure flag for the session cookie in an HTTPS session, whic...	8.1 - HIGH	2020-10-29	2020-11-06
CVE-2020-27649	Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM) before 1.2.4-8081 allows man...	9 - CRITICAL	2020-10-29	2020-11-09
CVE-2019-9494	The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable tim...	5.9 - MEDIUM	2019-04-17	2023-11-07
CVE-2019-3870	A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a...	6.1 - MEDIUM	2019-04-09	2023-11-07

Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Synology	Router Manager	1.2.4-8081	All	All	All
Application	Synology	Router Manager	1.2.3-8017-2	All	All	All
Application	Synology	Router Manager	1.2.2-7915	All	All	All
Application	Synology	Router Manager	1.2.1-7779-1	All	All	All
Application	Synology	Router Manager	1.2.1-7779	All	All	All
Application	Synology	Router Manager	1.2-7742-5	All	All	All
Application	Synology	Router Manager	1.2-7742-4	All	All	All
Application	Synology	Router Manager	1.2-7742-3	All	All	All
Application	Synology	Router Manager	1.2-7742-2	All	All	All
Application	Synology	Router Manager	1.2-7742-1	All	All	All
Application	Synology	Router Manager	1.2-7742	All	All	All
Application	Synology	Router Manager	1.1.7-6941-3	All	All	All
Application	Synology	Router Manager	1.1.7-6941-2	All	All	All
Application	Synology	Router Manager	1.1.7-6941-1	All	All	All
Application	Synology	Router Manager	1.1.7-6941	All	All	All
Application	Synology	Router Manager	1.1.6-6931-3	All	All	All
Application	Synology	Router Manager	1.1.6-6931-2	All	All	All
Application	Synology	Router Manager	1.1.6-6931-1	All	All	All
Application	Synology	Router Manager	1.1.6-6931	All	All	All
Application	Synology	Router Manager	1.1.5-6542-4	All	All	All

Results limited to 20 most recent known configurations