Show filters
88 Total Results
Displaying 41-50 of 88
Sort by:
Attacker Value
Unknown
CVE-2021-26564
Disclosure Date: February 26, 2021 (last updated February 22, 2025)
Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to spoof servers via an HTTP session.
0
Attacker Value
Unknown
CVE-2021-26566
Disclosure Date: February 26, 2021 (last updated February 22, 2025)
Insertion of sensitive information into sent data vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to execute arbitrary commands via inbound QuickConnect traffic.
0
Attacker Value
Unknown
CVE-2021-26560
Disclosure Date: February 26, 2021 (last updated February 22, 2025)
Cleartext transmission of sensitive information vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to spoof servers via an HTTP session.
0
Attacker Value
Unknown
CVE-2021-26563
Disclosure Date: February 26, 2021 (last updated February 22, 2025)
Incorrect authorization vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.4-25553 allows local users to execute arbitrary code via unspecified vectors.
0
Attacker Value
Unknown
CVE-2021-26565
Disclosure Date: February 26, 2021 (last updated February 22, 2025)
Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to obtain sensitive information via an HTTP session.
0
Attacker Value
Unknown
CVE-2020-27653
Disclosure Date: October 29, 2020 (last updated February 22, 2025)
Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.
0
Attacker Value
Unknown
CVE-2020-27650
Disclosure Date: October 29, 2020 (last updated February 22, 2025)
Synology DiskStation Manager (DSM) before 6.2.3-25426-2 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session.
0
Attacker Value
Unknown
CVE-2020-27652
Disclosure Date: October 29, 2020 (last updated February 22, 2025)
Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.
0
Attacker Value
Unknown
CVE-2020-27656
Disclosure Date: October 29, 2020 (last updated February 22, 2025)
Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors.
0
Attacker Value
Unknown
CVE-2020-27648
Disclosure Date: October 29, 2020 (last updated February 22, 2025)
Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
0
