First published: Tue Jan 03 2023(Updated: )
Out-of-bounds write vulnerability in Remote Desktop Functionality in Synology VPN Plus Server before 1.4.3-0534 and 1.4.4-0635 allows remote attackers to execute arbitrary commands via unspecified vectors.
Credit: security@synology.com security@synology.com
Affected Software | Affected Version | How to fix |
---|---|---|
Synology VPN Plus Server | <1.4.3-0534 | |
Synology Router Manager | =1.2 | |
Synology VPN Plus Server | <1.4.4-0635 | |
Synology Router Manager | =1.3 | |
All of | ||
Synology VPN Plus Server | <1.4.3-0534 | |
Synology Router Manager | =1.2 | |
All of | ||
Synology VPN Plus Server | <1.4.4-0635 | |
Synology Router Manager | =1.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-43931.
The severity level of CVE-2022-43931 is critical.
Synology VPN Plus Server versions before 1.4.3-0534 and 1.4.4-0635 are affected by CVE-2022-43931.
Remote attackers can exploit CVE-2022-43931 to execute arbitrary commands via unspecified vectors.
No, Synology Router Manager is not affected by CVE-2022-43931.