Page 2 of 8 results (0.003 seconds)

CVSS: 9.0EPSS: 0%CPEs: 7EXPL: 1

Out-of-bounds write vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary code via syno_finder_site HTTP header. Una vulnerabilidad de escritura fuera de límites en synoagentregisterd en Synology DiskStation Manager (DSM) versiones anteriores a 6.2.3-25426-3, permite a atacantes de tipo man-in-the-middle ejecutar código arbitrario por medio del encabezado HTTP syno_finder_site • https://www.synology.com/security/advisory/Synology_SA_20_26 https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1159 • CWE-787: Out-of-bounds Write •

CVSS: 9.0EPSS: 0%CPEs: 7EXPL: 1

Stack-based buffer overflow vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary code via syno_finder_site HTTP header. Una vulnerabilidad de desbordamiento del búfer en la región stack de la memoria en synoagentregisterd en Synology DiskStation Manager (DSM) versiones anteriores a 6.2.3-25426-3, permite a atacantes de tipo man-in-the-middle ejecutar código arbitrario por medio del encabezado HTTP syno_finder_site • https://www.synology.com/security/advisory/Synology_SA_20_26 https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1159 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVSS: 9.0EPSS: 0%CPEs: 7EXPL: 1

Cleartext transmission of sensitive information vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to spoof servers via an HTTP session. Una vulnerabilidad transmisión de información confidencial en texto sin cifrar en synoagentregisterd en Synology DiskStation Manager (DSM) versiones anteriores a 6.2.3-25426-3, permite a atacantes de tipo man-in-the-middle falsificar servidores por medio de una sesión HTTP • https://www.synology.com/security/advisory/Synology_SA_20_26 https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1159 • CWE-319: Cleartext Transmission of Sensitive Information •