Synology: >> Router Manager >> 1.0.1-6007-1 Security Vulnerabilities
Command injection vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931 allows remote authenticated users to execute arbitrary command via the username parameter.
CVSS Score
7.2
EPSS Score
0.079
Published
2018-06-08
Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology Router Manager (SRM) before 1.1.5-6542-4 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter.
CVSS Score
6.5
EPSS Score
0.003
Published
2017-12-08
Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology Router Manager (SRM) before 1.1.4-6509 allows remote authenticated attacker to exhaust the memory resources of the machine, causing a denial of service attack.
CVSS Score
4.9
EPSS Score
0.005
Published
2017-08-28
Page 2