Product:

Router_manager

(Synology)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 42
Date Id Summary Products Score Patch Annotated
2019-04-01 CVE-2018-13290 Information exposure vulnerability in SYNO.Core.ACL in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote authenticated users to determine the existence of files or obtain sensitive information of files via the file_path parameter. Router_manager 4.3
2019-04-01 CVE-2018-13289 Information exposure vulnerability in SYNO.FolderSharing.List in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote attackers to obtain sensitive information via the (1) folder_path or (2) real_path parameter. Router_manager 5.3
2019-04-01 CVE-2018-13287 Incorrect default permissions vulnerability in synouser.conf in Synology Router Manager (SRM) before 1.1.7-6941-1 allows remote authenticated users to obtain sensitive information via the world readable configuration. Router_manager 6.5
2019-04-01 CVE-2018-13285 Command injection vulnerability in ftpd in Synology Router Manager (SRM) before 1.1.7-6941-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command. Router_manager 8.8
2017-12-08 CVE-2017-15895 Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology Router Manager (SRM) before 1.1.5-6542-4 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter. Router_manager 6.5
2018-06-08 CVE-2017-12078 Command injection vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931 allows remote authenticated users to execute arbitrary command via the username parameter. Router_manager 7.2
2017-08-28 CVE-2017-12077 Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology Router Manager (SRM) before 1.1.4-6509 allows remote authenticated attacker to exhaust the memory resources of the machine, causing a denial of service attack. Router_manager 4.9