Synology Router Manager vulnerabilities
59 known vulnerabilities affecting synology/router_manager.
Total CVEs
59
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL7HIGH21MEDIUM30LOW1
Vulnerabilities
Page 1 of 3
CVE-2018-1160P1CRITICALCVSS 9.8PoC≥ 1.2, < 1.2-7742-52018-12-20
CVE-2018-1160 [CRITICAL] CWE-787 CVE-2018-1160: Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lac
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.
nvd
CVE-2017-14491P1CRITICALCVSS 9.8PoCv1.12017-10-04
CVE-2017-14491 [CRITICAL] CWE-787 CVE-2017-14491: Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of servi
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
nvd
CVE-2017-5753P2MEDIUMCVSS 5.6PoC≥ 1.1, < 1.1.7-6941-12018-01-04
CVE-2017-5753 [MEDIUM] CWE-203 CVE-2017-5753: Systems with microprocessors utilizing speculative execution and branch prediction may allow unautho
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
nvd
CVE-2023-32956P2CRITICALCVSS 9.8≥ 1.2, < 1.2.5-8227-6≥ 1.3, < 1.3.1-9346-32023-05-16
CVE-2023-32956 [CRITICAL] CVE-2023-32956: Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabi
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2020-27654P2CRITICALCVSS 9.8fixed in 1.2.4-80812020-10-29
CVE-2020-27654 [CRITICAL] CWE-269 CVE-2020-27654: Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allo
Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp.
nvd
CVE-2020-27655P2CRITICALCVSS 10.0≥ 1.2, < 1.2.4-80812020-10-29
CVE-2020-27655 [CRITICAL] CWE-269 CVE-2020-27655: Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remo
Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to access restricted resources via inbound QuickConnect traffic.
nvd
CVE-2023-41738P2HIGHCVSS 8.8fixed in 1.3.1-9346-62023-08-31
CVE-2023-41738 [HIGH] CVE-2023-41738: Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabi
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in Directory Domain Functionality in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote authenticated users to execute arbitrary commands via unspecified vectors.
nvd
CVE-2018-13285P3HIGHCVSS 8.8≥ 1.1, < 1.1.7-6941-12019-04-01
CVE-2018-13285 [HIGH] CWE-78 CVE-2018-13285: Command injection vulnerability in ftpd in Synology Router Manager (SRM) before 1.1.7-6941-1 allows
Command injection vulnerability in ftpd in Synology Router Manager (SRM) before 1.1.7-6941-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command.
nvd
CVE-2023-32955P3HIGHCVSS 8.1≥ 1.2, < 1.2.5-8227-6≥ 1.3, < 1.3.1-9346-32023-05-16
CVE-2023-32955 [HIGH] CVE-2023-32955: Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabi
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in DHCP Client Functionality in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows man-in-the-middle attackers to execute arbitrary commands via unspecified vectors.
nvd
CVE-2023-0077P3CRITICALCVSS 9.8≥ 1.2, < 1.2.5-8227-6≥ 1.3, < 1.3.1-9346-32023-01-05
CVE-2023-0077 [CRITICAL] CVE-2023-0077: Integer overflow or wraparound vulnerability in CGI component in Synology Router Manager (SRM) befor
Integer overflow or wraparound vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to overflow buffers via unspecified vectors.
nvd
CVE-2019-9501P3HIGHCVSS 8.8v1.22020-02-03
CVE-2019-9501 [HIGH] CWE-122 CVE-2019-9501: The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor informati
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_sup_eapol. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code o
nvd
CVE-2019-9502P3HIGHCVSS 8.8v1.22020-02-03
CVE-2019-9502 [HIGH] CWE-122 CVE-2019-9502: The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. If the vendor information eleme
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. If the vendor information element data length is larger than 164 bytes, a heap buffer overflow is triggered in wlc_wpa_plumb_gtk. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnera
nvd
CVE-2024-53286P3HIGHCVSS 7.2≥ 1.3, < 1.3.1-9346v1.3.1-93462025-07-23
CVE-2024-53286 [HIGH] CWE-78 CVE-2024-53286: Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabi
Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in DDNS Record functionality in Synology Router Manager (SRM) before 1.3.1-9346-11 allows remote authenticated users with administrator privileges to execute arbitrary code via unspecified vectors.
nvd
CVE-2024-11398P3HIGHCVSS 8.1≥ 1.3, < 1.3.1-9346v1.3.1-93462024-12-04
CVE-2024-11398 [HIGH] CWE-22 CVE-2024-11398: Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in OTP
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in OTP reset functionality in Synology Router Manager (SRM) before 1.3.1-9346-9 allows remote authenticated users to delete arbitrary files via unspecified vectors.
nvd
CVE-2019-9499P3HIGHCVSS 8.1v1.22019-04-17
CVE-2019-9499 [HIGH] CWE-346 CVE-2019-9499: The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missi
The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supp
nvd
CVE-2019-9498P3HIGHCVSS 8.1v1.22019-04-17
CVE-2019-9498 [HIGH] CWE-346 CVE-2019-9498: The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing ex
The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or lea
nvd
CVE-2023-0142P3HIGHCVSS 8.1≥ 1.2, < 1.3.1-9346v1.3.1-93462023-06-13
CVE-2023-0142 [HIGH] CWE-427 CVE-2023-0142: Uncontrolled search path element vulnerability in Backup Management functionality in Synology DiskSt
Uncontrolled search path element vulnerability in Backup Management functionality in Synology DiskStation Manager (DSM) before 6.2.4-25556-8, 7.0.1-42218-7 and 7.1-42661 allows remote authenticated users with administrator privileges to read or write arbitrary files via unspecified vectors.
nvd
CVE-2025-29846P3HIGHCVSS 7.2≥ 1.3, < 1.3.1-9346v1.3.1-93462025-12-04
CVE-2025-29846 [HIGH] CWE-22 CVE-2025-29846: A vulnerability in portenable cgi allows remote authenticated users to get the status of installed p
A vulnerability in portenable cgi allows remote authenticated users to get the status of installed packages.
nvd
CVE-2017-12078P3HIGHCVSS 7.2fixed in 1.1.6-69312018-06-08
CVE-2017-12078 [HIGH] CWE-77 CVE-2017-12078: Command injection vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931 al
Command injection vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931 allows remote authenticated users to execute arbitrary command via the username parameter.
nvd
CVE-2022-43932P3HIGHCVSS 7.5≥ 1.2, < 1.2.5-8227-6≥ 1.3, < 1.3.1-9346-32023-01-05
CVE-2022-43932 [HIGH] CVE-2022-43932: Improper neutralization of special elements in output used by a downstream component ('Injection') v
Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to read arbitrary files via unspecified vectors.
nvd
1 / 3Next →