First published: Wed Jul 27 2022(Updated: )
Exposure of sensitive information to an unauthorized actor vulnerability in web server in Synology Media Server before 1.8.1-2876 allows remote attackers to obtain sensitive information via unspecified vectors.
Credit: security@synology.com
Affected Software | Affected Version | How to fix |
---|---|---|
Synology Media Server | <1.8.1-2876 | |
Synology DiskStation Manager | =6.2 | |
Synology Media Server | <1.4-2665 | |
Synology Router Manager | =1.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-27614 is a vulnerability in the web server of Synology Media Server before 1.8.1-2876 that allows remote attackers to obtain sensitive information.
CVE-2022-27614 affects Synology Media Server versions up to and excluding 1.8.1-2876, exposing sensitive information to unauthorized actors.
CVE-2022-27614 has a severity rating of 7.5 (high).
To fix CVE-2022-27614, users should update Synology Media Server to version 1.8.1-2876 or later.
More information about CVE-2022-27614 can be found in the Synology security advisory: https://www.synology.com/security/advisory/Synology_SA_20_24