CVE-2021-31439
Synology DiskStation Manager Netatalk dsi_doff Heap-based Buffer Overflow Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerablity. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12326.
Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar código arbitrario en las instalaciones afectadas de Synology DiskStation Manager. No se requiere autenticación para explotar esta vulnerabilidad. El fallo específico existe dentro del procesamiento de estructuras DSI en Netatalk. El problema es debido a una falta de validación apropiada de la longitud de los datos suministrados por el usuario antes de copiarlos en un búfer en la región heap de la memoria. Un atacante puede explotar esta vulnerabilidad para ejecutar código en el contexto del proceso actual. Fue ZDI-CAN-12326
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation DS418play. Authentication is not required to exploit this vulnerablity.
The specific flaw exists within the processing of DSI structures in Netatalk. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-04-16 CVE Reserved
- 2021-04-29 CVE Published
- 2023-12-26 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-122: Heap-based Buffer Overflow
- CWE-787: Out-of-bounds Write
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html | Mailing List |
|
| https://www.zerodayinitiative.com/advisories/ZDI-21-492 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://security.gentoo.org/glsa/202311-02 | 2023-11-22 | |
| https://www.debian.org/security/2023/dsa-5503 | 2023-11-22 | |
| https://www.synology.com/zh-hk/security/advisory/Synology_SA_20_26 | 2023-11-22 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Synology Search vendor "Synology" | Diskstation Manager Search vendor "Synology" for product "Diskstation Manager" | >= 6.2 < 6.2.3-25426-3 Search vendor "Synology" for product "Diskstation Manager" and version " >= 6.2 < 6.2.3-25426-3" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 11.0 Search vendor "Debian" for product "Debian Linux" and version "11.0" | - |
Affected
| ||||||
| Netatalk Search vendor "Netatalk" | Netatalk Search vendor "Netatalk" for product "Netatalk" | < 3.1.13 Search vendor "Netatalk" for product "Netatalk" and version " < 3.1.13" | - |
Affected
| ||||||