CVE-2019-11823: Synology_SA_20_11 | Synology Inc.

CRLF injection vulnerability in Network Center in Synology Router Manager (SRM) before 1.2.3-8017-2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.

Abstract

A vulnerability allows remote attackers to conduct denial-of-service attacks via a susceptible version of Synology Router Manager (SRM).

Affected Products

  • Product: SRM 1.2
  • Severity: Important
  • Fixed Release Availability: Upgrade to 1.2.3-8017-2 or above.

Mitigation

None

Detail

  • CVE-2019-11823
    • Severity: Important
    • CVSS3 Base Score: 8.6
    • CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
    • CRLF injection vulnerability in Network Center in Synology Router Manager (SRM) before 1.2.3-8017-2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.

Revision

  • Revision: 1
  • Date: 2020-05-04
  • Description: Initial public release.
