Synology patches maximum risk flaw in its VPN routers

By Scott Marlette Last updated Jan 4, 2023

Synology has patched a vulnerability discovered in its router software, that’s been rated maximum severity – 10/10.

According to an advisory released by the NAS manufacturer, the vulnerability was discovered in its VPN Plus Server software, and is now being tracked as CVE-2022-43931.

The software allows the routers to be configured as VPN servers and enables remote access to the endpoints behind that router.

Remote code execution and other woes

Apparently, threat actors can exploit the flaw in low-complexity attacks, and would not require any privileges, or user interaction, to gain access, with an extensive list of potential damage.

“A vulnerability allows remote attackers to possible execute arbitrary command via a susceptible version of Synology VPN Plus Server,” the advisory reads. “Out-of-bounds write vulnerability in Remote Desktop Functionality in Synology VPN Plus Server before 1.4.3-0534 and 1.4.4-0635 allows remote attackers to execute arbitrary commands via unspecified vectors.”

Out-of-bounds write vulnerabilities allow for data corruption, system crashes, as well as code execution following memory corruption, BleepingComputer explained.

This is not the first time Synology has had to address a high-severity vulnerability in its products – as in December 2022, it patched multiple such flaws discovered in its Router Manager.

“Multiple vulnerabilities allow remote attackers to execute arbitrary command, conduct denial-of-service attacks or read arbitrary files via a susceptible version of Synology Router Manager (SRM),” the company said at the time.

No CVEs were published for these vulnerabilities, but we do know that at least two security experts and teams were successful at creating a proof-of-concept using the Synology RT6600ax (opens in new tab) router, during the Pwn2Own Toronto 2022 hacking contest.

Cybersecurity researcher Gaurav Baruah was awarded $20,000 for successfully running a command injection attack against the WAN interface of the Synology RT6600ax.

In April last year, the company announced patching a number of flaws affecting multiple products: “Multiple vulnerabilities allow remote attackers to obtain sensitive information and possibly execute arbitrary code via a susceptible version of Synology DiskStation Manager (DSM) and Synology Router Manager (SRM),” the firm said in an advisory back then.

Via: BleepingComputer (opens in new tab)

For all the latest Technology News Click Here

For the latest news and updates, follow us on Google News.

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.