Vulnerability Details CVE-2022-22683
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows remote attackers to execute arbitrary code via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.019
EPSS Ranking 82.1%
CVSS Severity
CVSS v3 Score 10.0
References
Products affected by CVE-2022-22683
-
cpe:2.3:a:synology:media_server:-
-
cpe:2.3:a:synology:media_server:1.0-2260
-
cpe:2.3:a:synology:media_server:1.1-2325
-
cpe:2.3:a:synology:media_server:1.1-2327
-
cpe:2.3:a:synology:media_server:1.1-2406
-
cpe:2.3:a:synology:media_server:1.1-2407
-
cpe:2.3:a:synology:media_server:1.1-2411
-
cpe:2.3:a:synology:media_server:1.2-2489
-
cpe:2.3:a:synology:media_server:1.2-2491
-
cpe:2.3:a:synology:media_server:1.2-2492
-
cpe:2.3:a:synology:media_server:1.3-2575
-
cpe:2.3:a:synology:media_server:1.4
-
cpe:2.3:a:synology:media_server:1.4-2629
-
cpe:2.3:a:synology:media_server:1.4-2642
-
cpe:2.3:a:synology:media_server:1.4-2644
-
cpe:2.3:a:synology:media_server:1.4-2649
-
cpe:2.3:a:synology:media_server:1.4-2653
-
cpe:2.3:a:synology:media_server:1.4-2654
-
cpe:2.3:a:synology:media_server:1.5-2762
-
cpe:2.3:a:synology:media_server:1.6.0-2766
-
cpe:2.3:a:synology:media_server:1.6.1-2767
-
cpe:2.3:a:synology:media_server:1.6.2-2770
-
cpe:2.3:a:synology:media_server:1.7
-
cpe:2.3:a:synology:media_server:1.7.0-2810
-
cpe:2.3:a:synology:media_server:1.7.1-2810
-
cpe:2.3:a:synology:media_server:1.7.1-2820
-
cpe:2.3:a:synology:media_server:1.7.2-2830
-
cpe:2.3:a:synology:media_server:1.7.3-2841
-
cpe:2.3:a:synology:media_server:1.7.4-2852
-
cpe:2.3:a:synology:media_server:1.7.5-2854
-
cpe:2.3:a:synology:media_server:1.7.6-2842
-
cpe:2.3:a:synology:media_server:1.7.7-2855
-
cpe:2.3:a:synology:media_server:1.7.8-2844
-
cpe:2.3:a:synology:media_server:1.7.9-2858
-
cpe:2.3:a:synology:router_manager:1.2
-
cpe:2.3:o:synology:diskstation_manager:6.2