Synology Radius Server vulnerabilities

CVE-2024-13987 [MEDIUM] CWE-79 CVE-2024-13987: Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability i Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Synology RADIUS Server allows remote authenticated users with administrator privileges to read or write limited files in SRM and conduct limited denial-of-service via unspecified vectors.

CVE-2019-9499 [HIGH] CWE-346 CVE-2019-9499: The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missi The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supp

CVE-2019-9498 [HIGH] CWE-346 CVE-2019-9498: The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing ex The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or lea

CVE-2019-9494 [MEDIUM] CWE-208 CVE-2019-9494: The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE supp

CVE-2019-9495 [LOW] CWE-524 CVE-2019-9495: The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache.