First published: Tue Oct 24 2023(Updated: )
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client before 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors.
Credit: security@synology.com
Affected Software | Affected Version | How to fix |
---|---|---|
<1.4.7-0687 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-5748 is a 'Classic Buffer Overflow' vulnerability in the cgi component in Synology SSL VPN Client before version 1.4.7-0687.
CVE-2023-5748 has a severity rating of 5.5, which is considered medium.
Local users can exploit CVE-2023-5748 by conducting denial-of-service attacks through unspecified vectors.
The Synology SSL VPN Client versions up to and excluding 1.4.7-0687 are affected by CVE-2023-5748.
More information about CVE-2023-5748 can be found in the Synology security advisory: [link](https://www.synology.com/en-global/security/advisory/Synology_SA_23_12).