CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-2264

The OpenVPN module in Synology DiskStation Manager (DSM) 4.3-3810 update 1 has a hardcoded root password of synopass, which makes it easier for remote attackers to obtain access via a VPN session.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.5%

CVSS Severity

CVSS v2 Score 7.8

References

http://forum.synology.com/enu/viewtopic.php?f=173&t=77644
http://www.kb.cert.org/vuls/id/534284
http://forum.synology.com/enu/viewtopic.php?f=173&t=77644
http://www.kb.cert.org/vuls/id/534284

Products affected by CVE-2014-2264

Synology » Diskstation Manager » Version: 4.3-3810

cpe:2.3:o:synology:diskstation_manager:4.3-3810

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-2264

Products

Pricing

Contact Us