Описание
Synology NAS servers DS107, firmware version 3.1-1639 and prior, and DS116, DS213, firmware versions prior to 5.2-5644-1, use non-random default credentials of: guest:(blank) and admin:(blank) . A remote network attacker can gain privileged access to a vulnerable device.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- Release NotesVendor Advisory
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.1-1639 (включая)
Одновременно
cpe:2.3:o:synology:ds107_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:synology:ds107:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 5.2-5644-1 (включая)
Одновременно
cpe:2.3:o:synology:ds213_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:synology:ds213:-:*:*:*:*:*:*:*
Конфигурация 3Версия до 5.2-5644-1 (включая)
Одновременно
cpe:2.3:o:synology:ds116_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:synology:ds116:-:*:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01541
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-255
CWE-255
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Synology NAS servers DS107, firmware version 3.1-1639 and prior, and DS116, DS213, firmware versions prior to 5.2-5644-1, use non-random default credentials of: guest:(blank) and admin:(blank) . A remote network attacker can gain privileged access to a vulnerable device.
EPSS
Процентиль: 81%
0.01541
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-255
CWE-255