Synology: >> Ssl Vpn Client >> 1.2.4-0224 Security Vulnerabilities
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client before 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors.
CVSS Score
3.3
EPSS Score
0.001
Published
2023-11-07
Lack of administrator control over security vulnerability in client.cgi in Synology SSL VPN Client before 1.2.5-0226 allows remote attackers to conduct man-in-the-middle attacks via the (1) command, (2) hostname, or (3) port parameter.
CVSS Score
8.8
EPSS Score
0.003
Published
2019-04-01