exploitDog

GHSA-x5fh-xfvr-gg7m

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9

Описание

Insertion of sensitive information into sent data vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary commands via inbound QuickConnect traffic.

Insertion of sensitive information into sent data vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary commands via inbound QuickConnect traffic.

Ссылки

EPSS

Процентиль: 67%

0.00535

Низкий

9 Critical

CVSS3

CVE ID

Дефекты

CWE-200

CWE-201

Связанные уязвимости

CVE-2021-26566

CVSS3: 8.3

nvd

почти 5 лет назад

Insertion of sensitive information into sent data vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary commands via inbound QuickConnect traffic.

EPSS

Процентиль: 67%

0.00535

Низкий

9 Critical

CVSS3

CVE ID

Дефекты

CWE-200

CWE-201