CVE-2021-34808: SSRF
First published: Thu Jun 17 2021(Updated: )
Server-Side Request Forgery (SSRF) vulnerability in cgi component in Synology Media Server before 1.8.3-2881 allows remote attackers to access intranet resources via unspecified vectors.
Credit: security@synology.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Synology Media Server | <1.8.3-2881 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Synology Media Server vulnerability?
The vulnerability ID for this Synology Media Server vulnerability is CVE-2021-34808.
What is the severity of CVE-2021-34808?
CVE-2021-34808 has a severity value of 5.3, which is classified as medium.
What is the affected software?
The affected software is Synology Media Server version up to and excluding 1.8.3-2881.
What is the description of CVE-2021-34808?
CVE-2021-34808 is a Server-Side Request Forgery (SSRF) vulnerability in the cgi component of Synology Media Server before 1.8.3-2881, which allows remote attackers to access intranet resources via unspecified vectors.
How can I fix CVE-2021-34808?
To fix CVE-2021-34808, it is recommended to update Synology Media Server to version 1.8.3-2881 or a newer version.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/tags
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/synology
- canonical/synology media server