Vulnerability Details CVE-2020-27654
Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.031
EPSS Ranking 86.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://www.synology.com/security/advisory/Synology_SA_20_14
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1064
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1065
- https://www.synology.com/security/advisory/Synology_SA_20_14
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1064
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1065
Products affected by CVE-2020-27654
-
cpe:2.3:a:synology:router_manager:1.0-5766
-
cpe:2.3:a:synology:router_manager:1.0-5781
-
cpe:2.3:a:synology:router_manager:1.0-5781-1
-
cpe:2.3:a:synology:router_manager:1.0-5781-2
-
cpe:2.3:a:synology:router_manager:1.0-5781-3
-
cpe:2.3:a:synology:router_manager:1.0.1-6007
-
cpe:2.3:a:synology:router_manager:1.0.1-6007-1
-
cpe:2.3:a:synology:router_manager:1.0.1-6007-2
-
cpe:2.3:a:synology:router_manager:1.0.2-6022
-
cpe:2.3:a:synology:router_manager:1.0.2-6022-1
-
cpe:2.3:a:synology:router_manager:1.0.3-6030
-
cpe:2.3:a:synology:router_manager:1.0.3-6030-1
-
cpe:2.3:a:synology:router_manager:1.0.3-6030-2
-
cpe:2.3:a:synology:router_manager:1.0.3-6030-3
-
cpe:2.3:a:synology:router_manager:1.1
-
cpe:2.3:a:synology:router_manager:1.1-6338
-
cpe:2.3:a:synology:router_manager:1.1-6338-1
-
cpe:2.3:a:synology:router_manager:1.1-6338-2
-
cpe:2.3:a:synology:router_manager:1.1.1-6414
-
cpe:2.3:a:synology:router_manager:1.1.1-6414-1
-
cpe:2.3:a:synology:router_manager:1.1.2-6425
-
cpe:2.3:a:synology:router_manager:1.1.2-6425-1
-
cpe:2.3:a:synology:router_manager:1.1.2-6425-2
-
cpe:2.3:a:synology:router_manager:1.1.2-6425-3
-
cpe:2.3:a:synology:router_manager:1.1.3-6447
-
cpe:2.3:a:synology:router_manager:1.1.3-6447-1
-
cpe:2.3:a:synology:router_manager:1.1.3-6447-2
-
cpe:2.3:a:synology:router_manager:1.1.3-6447-3
-
cpe:2.3:a:synology:router_manager:1.1.3-6447-4
-
cpe:2.3:a:synology:router_manager:1.1.4-6509
-
cpe:2.3:a:synology:router_manager:1.1.4-6509-1
-
cpe:2.3:a:synology:router_manager:1.1.4-6509-2
-
cpe:2.3:a:synology:router_manager:1.1.4-6509-3
-
cpe:2.3:a:synology:router_manager:1.1.4-6509-4
-
cpe:2.3:a:synology:router_manager:1.1.5-6542
-
cpe:2.3:a:synology:router_manager:1.1.5-6542-1
-
cpe:2.3:a:synology:router_manager:1.1.5-6542-2
-
cpe:2.3:a:synology:router_manager:1.1.5-6542-3
-
cpe:2.3:a:synology:router_manager:1.1.5-6542-4
-
cpe:2.3:a:synology:router_manager:1.1.6-6931
-
cpe:2.3:a:synology:router_manager:1.1.6-6931-1
-
cpe:2.3:a:synology:router_manager:1.1.6-6931-2
-
cpe:2.3:a:synology:router_manager:1.1.6-6931-3
-
cpe:2.3:a:synology:router_manager:1.1.7-6941
-
cpe:2.3:a:synology:router_manager:1.1.7-6941-1
-
cpe:2.3:a:synology:router_manager:1.1.7-6941-2
-
cpe:2.3:a:synology:router_manager:1.1.7-6941-3
-
cpe:2.3:a:synology:router_manager:1.2
-
cpe:2.3:a:synology:router_manager:1.2-7742
-
cpe:2.3:a:synology:router_manager:1.2-7742-1
-
cpe:2.3:a:synology:router_manager:1.2-7742-2
-
cpe:2.3:a:synology:router_manager:1.2-7742-3
-
cpe:2.3:a:synology:router_manager:1.2-7742-4
-
cpe:2.3:a:synology:router_manager:1.2-7742-5
-
cpe:2.3:a:synology:router_manager:1.2.1-7779
-
cpe:2.3:a:synology:router_manager:1.2.1-7779-1
-
cpe:2.3:a:synology:router_manager:1.2.2-7915
-
cpe:2.3:a:synology:router_manager:1.2.3-8017-2
-
cpe:2.3:a:synology:router_manager:1.2.3-8087