CVE-2023-41740
5.3MEDIUM
Summary
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to read specific files via unspecified vectors.
Affected Version(s)
Synology Router Manager (SRM) <= 1.3
Synology Router Manager (SRM) < 1.3.1-9346-6
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability Reserved.
Vulnerability published.
Collectors
NVD DatabaseMitre Database
Credit
Claroty Research - Vera Mens, Uri Katz, Noam Moshe, Sharon Brizinov