Synology-SA-20:25 Safe Access

Publish Time: 2020-11-24 11:52:27 UTC+8

Last Updated: 2020-12-28 09:09:32 UTC+8

Severity: Critical

Status: Resolved

Abstract

Multiple vulnerabilities allow remote attackers to execute arbitrary code via a susceptible version of Safe Access.

Affected Products

Product       Severity   Fixed Release Availability
Safe Access   Critical   Upgrade to 1.2.3-0234 or above.

Mitigation

None

Detail

  • CVE-2020-27659

    • Severity: Important
    • CVSS3 Base Score: 8.4
    • CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
    • Multiple cross-site scripting (XSS) vulnerabilities in Synology SafeAccess before 1.2.3-0234 allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) profile parameter.
  • CVE-2020-27660

    • Severity: Critical
    • CVSS3 Base Score: 9.6
    • CVSS3 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    • SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter.
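
Added example (not Synology's code and not part of this advisory): a small Python script that tells whether an installed Safe Access version predates the fixed release 1.2.3-0234, and flags access-log requests to request.cgi whose domain parameter is not a syntactically valid hostname or whose profile parameter falls outside a conservative name allowlist, since both CVEs above are reached through those parameters. The /webapi/request.cgi path, the common-log-format lines and the profile-name allowlist are assumptions.

```python
import re
from urllib.parse import parse_qs

FIXED_RELEASE = "1.2.3-0234"  # fixed release named in this advisory

# RFC 1035 style hostname: dot-separated labels of letters, digits and hyphens.
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)(?!-)[A-Za-z0-9-]{1,63}(?<!-)(\.(?!-)[A-Za-z0-9-]{1,63}(?<!-))*\.?$")
# Assumed allowlist for a profile name; the product's real rule is not on the page.
PROFILE_RE = re.compile(r"^[\w .-]{1,64}$")
# Query string of a request.cgi call inside an access-log line (path is hypothetical).
REQUEST_CGI_RE = re.compile(r'request\.cgi\?([^\s"]*)')

def parse_version(version):
    """Split a package version such as '1.2.3-0234' into ((1, 2, 3), 234)."""
    release, _, build = version.partition("-")
    return tuple(int(p) for p in release.split(".")), int(build or 0)

def is_affected(installed, fixed=FIXED_RELEASE):
    """True when the installed Safe Access release is older than the fixed one."""
    return parse_version(installed) < parse_version(fixed)

def flag_request(log_line):
    """Names of the domain/profile parameters whose value fails the allowlist."""
    match = REQUEST_CGI_RE.search(log_line)
    if not match:
        return []
    params = parse_qs(match.group(1), keep_blank_values=True)  # percent-decodes values
    checks = {"domain": HOSTNAME_RE, "profile": PROFILE_RE}
    return [name for name, rule in checks.items()
            for value in params.get(name, []) if not rule.match(value)]

def scan(lines):
    """(client IP, flagged parameter names) for every log line that fails a check."""
    hits = []
    for line in lines:
        names = flag_request(line)
        if names:
            hits.append((line.split()[0], names))
    return hits

# Constructed sample access-log lines (common log format); not real traffic.
SAMPLE_LOG = [
    '10.0.0.5 - - [24/Nov/2020:11:52:27 +0800] "GET /webapi/request.cgi?domain=example.com&profile=kids HTTP/1.1" 200 512',
    '10.0.0.9 - - [24/Nov/2020:11:53:01 +0800] "GET /webapi/request.cgi?domain=example.com%27%3B--&profile=kids HTTP/1.1" 200 512',
    '10.0.0.9 - - [24/Nov/2020:11:53:40 +0800] "GET /webapi/request.cgi?domain=example.com&profile=%3Cb%3Ekids HTTP/1.1" 200 512',
    '10.0.0.5 - - [24/Nov/2020:11:54:10 +0800] "GET /webapi/other.cgi?domain=%27 HTTP/1.1" 200 64',
]
```

Run `scan(SAMPLE_LOG)` to get the two 10.0.0.9 entries; the allowlist approach flags any value that is not a plain hostname or profile name rather than matching specific payload strings.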

Acknowledgement

  • Thomas Fady

  • Claudio Bozzato of Cisco Talos

Revision

Revision   Date         Description
1          2020-11-24   Initial public release.
2          2020-11-30   Disclosed vulnerability details.
3          2020-12-25   Updated the Acknowledgement.