Lack of administrator control over security vulnerability in client.cgi in Synology SSL VPN Client before 1.2.5-0226 allows remote attackers to conduct man-in-the-middle attacks via the (1) command, (2) hostname, or (3) port parameter.
oryginał ENCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HSynology Ssl Vpn Client
APPSynology< 1.2.5-0226
Powiązane podatności
A plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote att...
Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology S...
A files or directories accessible to external parties vulnerability in Synology SSL VPN Client before 1.4.5-06...
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synol...
Classic Buffer Overflow w Synology BeeStation OS — zdalne wykonanie kodu