Vulnerability Details CVE-2020-27657
Cleartext transmission of sensitive information vulnerability in DDNS in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.7%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
Products affected by CVE-2020-27657
-
cpe:2.3:a:synology:router_manager:1.2
-
cpe:2.3:a:synology:router_manager:1.2-7742
-
cpe:2.3:a:synology:router_manager:1.2-7742-1
-
cpe:2.3:a:synology:router_manager:1.2-7742-2
-
cpe:2.3:a:synology:router_manager:1.2-7742-3
-
cpe:2.3:a:synology:router_manager:1.2-7742-4
-
cpe:2.3:a:synology:router_manager:1.2-7742-5
-
cpe:2.3:a:synology:router_manager:1.2.1-7779
-
cpe:2.3:a:synology:router_manager:1.2.1-7779-1
-
cpe:2.3:a:synology:router_manager:1.2.2-7915
-
cpe:2.3:a:synology:router_manager:1.2.3-8017-2
-
cpe:2.3:a:synology:router_manager:1.2.3-8087