Buffer Overflow Issue in Synology SSL VPN Client
CVE-2023-5748

5.5MEDIUM

Key Information:

Vendor: Synology
Status: Synology SSL VPN Client
Vendor: CVE Published:; 7 November 2023

What is CVE-2023-5748?

A buffer overflow vulnerability exists in the cgi component of Synology's SSL VPN Client prior to version 1.4.7-0687. This flaw allows local users to leverage unspecified vectors to execute denial-of-service attacks, potentially causing the application to crash or behave unpredictably. Users of affected versions are encouraged to upgrade to the latest version to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Synology SSL VPN Client *

References

https://www.synology.com/en-global/security/advisory/Syno...

vendor-advisory

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 7, 2023
Vulnerability Reserved
Oct 24, 2023

Credit

chumen77(GAO JUYANG) from WeBin Lab of DbappSecurity Co.,Ltd.

JSON

Synology

What is CVE-2023-5748?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.