Very Low
CVE-2017-9554
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2017-9554
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to enumerate valid usernames via unspecified vectors.
Add Assessment
Ratings
-
Attacker ValueVery Low
-
ExploitabilityVery High
Technical Analysis
Vulnerability is trivial to exploit. Send a GET request to /webman/forget_passwd.cgi?user=<username> and check the response.
A user who can login will give:
{ "info" : "admin group", "msg" : 1 }
A user who can’t login will give:
{ "info" : "no mail or no priviege", "msg" : 2 }
An invalid user will give:
{ "info" : "get user info failed", "msg" : 4 }
msg 3 means either the feature is disabled, or patched.
msg 5 means you’re locked out.
Default lockout policy is 10 logins in 5min. Each username enumeration counts as a login. Lockout is permanent by default.
Would you also like to delete your Exploited in the Wild Report?
Delete Assessment Only Delete Assessment and Exploited in the Wild ReportCVSS V3 Severity and Metrics
General Information
Vendors
- synology
Products
- diskstation manager
References
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
