Synology-SA-18:53 Web Proxy Auto-Discovery
Publish Time: 2018-09-05 23:52:05 UTC+8
Last Updated: 2020-02-21 21:19:39 UTC+8
- Severity
- Moderate
- Status
- Resolved
Abstract
A vulnerability allows remote attackers to conduct man-in-the-middle attack via a susceptible version of Synology DiskStation Manager (DSM) or Synology Router Manager (SRM).
Affected Products
| Product | Severity | Fixed Release Availability |
|---|---|---|
| DSM 6.2 | Moderate | Upgrade to 6.2.1-23824 or above. |
| DSM 6.1 | Moderate | Upgrade to 6.2.1-23824 or above. |
| DSM 5.2 | Moderate | Upgrade to 6.2.1-23824 or above. |
| SkyNAS | Moderate | Will not fix. |
| VS960HD | Not affected | N/A |
| SRM 1.1 | Moderate | Upgrade to 1.1.7-6941-2 or above. |
Mitigation
None
Detail
Reserved
Reference
Problems with automatic DNS registration and autodiscovery
Revision
| Revision | Date | Description |
|---|---|---|
| 1 | 2018-09-05 | Initial public release. |