Akamai Acquires Asavie

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database CVE-2020-27652
PUBLISHED: 2020-10-29

Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.

CVE-2020-27653
PUBLISHED: 2020-10-29

Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.

CVE-2020-27654
PUBLISHED: 2020-10-29

Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp.

CVE-2020-27655
PUBLISHED: 2020-10-29

Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to access restricted resources via inbound QuickConnect traffic.

CVE-2020-27656
PUBLISHED: 2020-10-29

Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors.

Read More HERE

Leave a Reply