CVE-2024-39347
Synology RT6600ax Improper Access Control Firewall Bypass Vulnerability
Severity Score
5.9
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
Incorrect default permissions vulnerability in firewall functionality in Synology Router Manager (SRM) before 1.2.5-8227-11 and 1.3.1-9346-8 allows man-in-the-middle attackers to access highly sensitive intranet resources via unspecified vectors.
This vulnerability allows remote attackers to bypass firewall rules and access the LAN interface on affected installations of Synology RT6600ax routers. Authentication is required to exploit this vulnerability.
The specific flaw exists within the handling of firewall rules. The issue results from improper access control after the initial setup. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root.
*Credits:
Tri and Bien Pham (@bienpnn) from Team Orca of Sea Security working with Trend Micro Zero Day Initiative
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-06-21 CVE Published
- 2024-06-24 CVE Reserved
- 2024-07-26 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-276: Incorrect Default Permissions
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.synology.com/en-global/security/advisory/Synology_SA_23_16 | 2024-08-02 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Synology Search vendor "Synology" | Synology Router Manager (SRM) Search vendor "Synology" for product "Synology Router Manager (SRM)" | >= 1.3.0 < 1.3.1-9346-8 Search vendor "Synology" for product "Synology Router Manager (SRM)" and version " >= 1.3.0 < 1.3.1-9346-8" | en |
Affected
| ||||||
| Synology Search vendor "Synology" | Synology Router Manager (SRM) Search vendor "Synology" for product "Synology Router Manager (SRM)" | >= 1.2.0 < 1.2.5-8227-11 Search vendor "Synology" for product "Synology Router Manager (SRM)" and version " >= 1.2.0 < 1.2.5-8227-11" | en |
Affected
| ||||||