Vulnerability Details CVE-2018-13292
Information exposure vulnerability in /usr/syno/etc/mount.conf in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote authenticated users to obtain sensitive information via the world readable configuration.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.5%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.0
References
Products affected by CVE-2018-13292
-
cpe:2.3:a:synology:router_manager:1.1
-
cpe:2.3:a:synology:router_manager:1.1-6338
-
cpe:2.3:a:synology:router_manager:1.1-6338-1
-
cpe:2.3:a:synology:router_manager:1.1-6338-2
-
cpe:2.3:a:synology:router_manager:1.1.1-6414
-
cpe:2.3:a:synology:router_manager:1.1.1-6414-1
-
cpe:2.3:a:synology:router_manager:1.1.2-6425
-
cpe:2.3:a:synology:router_manager:1.1.2-6425-1
-
cpe:2.3:a:synology:router_manager:1.1.2-6425-2
-
cpe:2.3:a:synology:router_manager:1.1.2-6425-3
-
cpe:2.3:a:synology:router_manager:1.1.3-6447
-
cpe:2.3:a:synology:router_manager:1.1.3-6447-1
-
cpe:2.3:a:synology:router_manager:1.1.3-6447-2
-
cpe:2.3:a:synology:router_manager:1.1.3-6447-3
-
cpe:2.3:a:synology:router_manager:1.1.3-6447-4
-
cpe:2.3:a:synology:router_manager:1.1.4-6509
-
cpe:2.3:a:synology:router_manager:1.1.4-6509-1
-
cpe:2.3:a:synology:router_manager:1.1.4-6509-2
-
cpe:2.3:a:synology:router_manager:1.1.4-6509-3
-
cpe:2.3:a:synology:router_manager:1.1.4-6509-4
-
cpe:2.3:a:synology:router_manager:1.1.5-6542
-
cpe:2.3:a:synology:router_manager:1.1.5-6542-1
-
cpe:2.3:a:synology:router_manager:1.1.5-6542-2
-
cpe:2.3:a:synology:router_manager:1.1.5-6542-3
-
cpe:2.3:a:synology:router_manager:1.1.5-6542-4
-
cpe:2.3:a:synology:router_manager:1.1.6-6931
-
cpe:2.3:a:synology:router_manager:1.1.6-6931-1
-
cpe:2.3:a:synology:router_manager:1.1.6-6931-2
-
cpe:2.3:a:synology:router_manager:1.1.6-6931-3
-
cpe:2.3:a:synology:router_manager:1.1.7-6941
-
cpe:2.3:a:synology:router_manager:1.1.7-6941-1