Sensitive Information Exposure in Synology Router Manager
CVE-2023-41741

5.3MEDIUM

Key Information:

Vendor: Synology
Status: Synology Router Manager (srm)
Vendor: CVE Published:; 31 August 2023

Summary

A vulnerability exists in the CGI component of Synology Router Manager (SRM) versions prior to 1.3.1-9346-6, permitting remote attackers to gain unauthorized access to sensitive information. This exposure can lead to serious security risks for affected users, emphasizing the need for immediate patching and robust security practices.

Affected Version(s)

Synology Router Manager (SRM) 1.3

Synology Router Manager (SRM) 1.3 < 1.3.1-9346-6

References

https://www.synology.com/en-global/security/advisory/Syno...

vendor-advisory

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 31, 2023
Vulnerability Reserved
Aug 31, 2023

Credit

Claroty Research - Vera Mens, Uri Katz, Noam Moshe, Sharon Brizinov