CVE-2020-27653

8.3HIGH

Key Information:

Vendor
Synology
Status
Synology Router Manager (srm)
Vendor
CVE Published:
29 October 2020

Summary

Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.

Affected Version(s)

Synology Router Manager (SRM) < 1.2.4-8081

References

https://www.synology.com/security/advisory/Synology_SA_20_14
x_refsource_CONFIRM
https://www.talosintelligence.com/vulnerability_reports/T...
x_refsource_MISC

CVSS V3.1

Score:
8.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.