Synology-SA-22:25 SRM
Publish Time: 2022-12-22 13:44:47 UTC+8
Last Updated: 2023-01-06 10:14:24 UTC+8
- Severity
- Critical
- Status
- Resolved
Abstract
Multiple vulnerabilities allow remote attackers to execute arbitrary command, conduct denial-of-service attacks or read arbitrary files via a susceptible version of Synology Router Manager (SRM).
Affected Products
| Product | Severity | Fixed Release Availability |
|---|---|---|
| SRM 1.3 | Critical | Upgrade to 1.3.1-9346-3 or above. |
| SRM 1.2 | Critical | Upgrade to 1.2.5-8227-6 or above. |
Mitigation
None
Detail
CVE-2022-43932
- Severity: Important
- CVSS3 Base Score: 7.5
- CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2023-0077
- Severity: Moderate
- CVSS3 Base Score: 6.5
- CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
- Integer overflow or wraparound vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to overflow buffers via unspecified vectors.
Acknowledgement
Orange Tsai from Devcore
Gaurav Baruah working with Trend Micro’s Zero Day Initiative
Computest working with Trend Micro’s Zero Day Initiative
Lukas Kupczyk from CrowdStrike
Revision
| Revision | Date | Description |
|---|---|---|
| 1 | 2022-12-22 | Initial public release. |
| 2 | 2023-01-06 | Disclosed vulnerability details. |