![]() Synology Announces SA3610 and SA3410 NAS for Scalable, Petabyte-level Storage - 08:51 AM Synology's swift response to security concerns reinforces its commitment to providing a secure and reliable user experience for its valued customer base. Attackers could execute malicious code through this backdoor without requiring elevated privileges. Earlier this year, Synology successfully addressed another vulnerability that allowed its routers to be exploited as VPN servers. However, the company does not provide interim countermeasures against the vulnerability. Synology has promptly addressed the issue by releasing a patch, version 1.4.6-0685, effectively resolving the vulnerability present in both the 1.2 and 1.3 versions of the operating system. While specific details are not disclosed, the severity of the vulnerability is categorized as "moderate" by Synology, but the German cybersecurity agency BSI rates it as "critical" with a CVSS base score of 9.1. Exploiting this vulnerability allows attackers to remotely execute SQL commands and gain unauthorized access to manipulate files. The vulnerability in question pertains to the VPN Plus Server software for the SRM 1.2 operating system utilized in Synology's routers. In an effort to safeguard its global user base, Synology, a prominent player in the technology sector, has unveiled a critical alert concerning a major security flaw identified in its cutting-edge router VPN software. This urgent notification serves as a proactive measure to ensure the safety and security of Synology router users worldwide. Synology has raised an alarm regarding a significant security vulnerability discovered in its renowned router VPN software.
0 Comments
Leave a Reply. |