Synology-SA-17:20 SRM
Publish Time: UTC+8
Last Updated: UTC+8
- Severity: Important
- Status: Resolved
Abstract
Several vulnerabilities have been found in Traffic Control. These vulnerabilities can allow remote attackers to steal user tokens and log in as the administrator, or allow remote authenticated attackers to access sensitive files on a Synology Router.
Severity
Important
Affected
Products
- SRM 1.1
Models
- All Synology Router models
Description
A cross-site scripting (XSS) vulnerability in Traffic Control in Synology Router Manager (SRM) 1.1-6338 through 1.1.4-6509 before 1.1.4-6509-1 allows remote attackers to persistently inject arbitrary web script or HTML via unspecified parameters. Because the payload is stored, it runs in the browser of any user who later views the affected page, including the administrator, which is what makes the token theft described in the abstract possible.
An SQL injection vulnerability in Traffic Control in Synology Router Manager (SRM) 1.1-6338 through 1.1.4-6509 before 1.1.4-6509-1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters.
A directory traversal vulnerability in Traffic Control in Synology Router Manager (SRM) 1.1-6338 through 1.1.4-6509 before 1.1.4-6509-1 allows remote authenticated attackers to read arbitrary files on the router via unspecified parameters.
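The three bug classes named above, shown in generic form with the usual fix beside each. This is an added example for this page, not SRM or Traffic Control code, and the advisory gives no detail of the real parameters: the table, columns, file layout and payloads below are constructed for illustration.

```python
"""Generic illustration of stored XSS, SQL injection and directory traversal,
each next to its hardened form. Not SRM code; all names and data are
hypothetical and constructed for this example."""
import html
import os
import sqlite3
import tempfile
from typing import List, Tuple


# --- SQL injection -------------------------------------------------------
def make_db() -> sqlite3.Connection:
    """Constructed in-memory table standing in for a per-device traffic table."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE device (mac TEXT, name TEXT, owner TEXT)")
    con.executemany("INSERT INTO device VALUES (?, ?, ?)", [
        ("00:11:22:33:44:55", "laptop", "alice"),
        ("66:77:88:99:aa:bb", "phone", "bob"),
    ])
    return con


def devices_for_owner_vulnerable(con: sqlite3.Connection, owner: str) -> List[Tuple]:
    # The caller's value is pasted into the SQL text, so a quote in it
    # changes the statement's structure.
    return con.execute(
        "SELECT mac, name FROM device WHERE owner = '" + owner + "'"
    ).fetchall()


def devices_for_owner_fixed(con: sqlite3.Connection, owner: str) -> List[Tuple]:
    # Bound parameter: the value is data only and can never alter the query.
    return con.execute(
        "SELECT mac, name FROM device WHERE owner = ?", (owner,)
    ).fetchall()


# --- Directory traversal --------------------------------------------------
def read_report_vulnerable(root: str, name: str) -> str:
    # os.path.join follows "../" straight out of root.
    with open(os.path.join(root, name)) as f:
        return f.read()


def resolve_under_root(root: str, name: str) -> str:
    """Canonicalise root/name and refuse anything that escapes root."""
    root_real = os.path.realpath(root)
    target = os.path.realpath(os.path.join(root_real, name))
    if os.path.commonpath([root_real, target]) != root_real:
        raise PermissionError(f"path escapes report directory: {name!r}")
    return target


def read_report_fixed(root: str, name: str) -> str:
    with open(resolve_under_root(root, name)) as f:
        return f.read()


def demo_traversal() -> Tuple[str, bool]:
    """Constructed layout: <tmp>/reports/daily.txt and <tmp>/secret.txt.

    Returns what the vulnerable reader leaks and whether the fixed one refused.
    """
    base = tempfile.mkdtemp()
    root = os.path.join(base, "reports")
    os.mkdir(root)
    with open(os.path.join(root, "daily.txt"), "w") as f:
        f.write("daily report")
    with open(os.path.join(base, "secret.txt"), "w") as f:
        f.write("outside root")
    leaked = read_report_vulnerable(root, "../secret.txt")
    try:
        read_report_fixed(root, "../secret.txt")
        blocked = False
    except PermissionError:
        blocked = True
    return leaked, blocked


# --- Stored XSS ------------------------------------------------------------
def render_device_name_vulnerable(name: str) -> str:
    # A stored value echoed raw into the page executes in the viewer's browser.
    return "<td>" + name + "</td>"


def render_device_name_fixed(name: str) -> str:
    # Escape at output time so the stored value is displayed, not executed.
    return "<td>" + html.escape(name, quote=True) + "</td>"


if __name__ == "__main__":
    con = make_db()
    payload = "nobody' OR '1'='1"          # constructed injection string
    print(devices_for_owner_vulnerable(con, payload))   # both rows
    print(devices_for_owner_fixed(con, payload))        # []
    print(demo_traversal())                              # ('outside root', True)
    print(render_device_name_fixed("<script>alert(1)</script>"))
```

The shape of each fix is the same: keep untrusted input as data (a bound parameter, a path checked after canonicalisation, a value escaped for the context it is rendered into) rather than letting it become part of the query, the path or the page.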
Mitigation
None available; the only remedy is to update SRM to a fixed version.
Update Availability
To fix the security issues, go to SRM > Control Panel > System > Update & Restore > SRM Update and install version 1.1.4-6509-1 or later of SRM.
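A small check for deciding whether a router's reported SRM version falls inside the affected range stated in this advisory (1.1-6338 through 1.1.4-6509, fixed in 1.1.4-6509-1). This is an added example, not Synology's code; the version-string layout it parses (release, build, optional hotfix suffix) is an assumption drawn from the version numbers quoted on this page, and the sample strings in the `__main__` section are constructed.

```python
"""Classify SRM version strings against the range in Synology-SA-17:20.

Added example, not part of the advisory. Assumed layout of an SRM version
string: "<major>.<minor>[.<patch>]-<build>[-<hotfix>]", e.g. "1.1.4-6509-1".
"""
import re
from typing import Tuple

# Assumed pattern: release, build number, optional hotfix number.
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)-(\d+)(?:-(\d+))?$")


def parse_srm_version(s: str) -> Tuple[Tuple[int, ...], int, int]:
    """Return (release, build, hotfix) so that tuples compare in version order.

    Release components are padded to three places so that 1.1 == 1.1.0, and
    a missing hotfix suffix counts as hotfix 0 (the base build).
    """
    m = _VERSION_RE.match(s.strip())
    if not m:
        raise ValueError(f"unrecognised SRM version string: {s!r}")
    release = tuple(int(x) for x in m.group(1).split("."))
    release = release + (0,) * (3 - len(release))
    build = int(m.group(2))
    hotfix = int(m.group(3) or 0)
    return release, build, hotfix


# Range taken from the advisory text.
FIRST_AFFECTED = parse_srm_version("1.1-6338")
FIXED = parse_srm_version("1.1.4-6509-1")


def is_affected(version: str) -> bool:
    """True if version lies in [1.1-6338, 1.1.4-6509-1)."""
    return FIRST_AFFECTED <= parse_srm_version(version) < FIXED


if __name__ == "__main__":
    # Constructed sample strings, not a survey of real devices.
    for v in ["1.1-6338", "1.1.4-6509", "1.1.4-6509-1", "1.1-6337", "1.2-7742"]:
        print(f"{v:>14}  affected={is_affected(v)}")
```

The comparison orders by release first and build second, so a later release with a higher build is correctly treated as outside the range, and the fixed version differs from the last affected build only in its hotfix suffix, which is exactly the boundary the advisory draws.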