Threat Advisory

Synology Router Vulnerabilities Let Attackers Inject Arbitrary Web Script

Threat: Vulnerability
Criticality: High

EXECUTIVE SUMMARY:

Multiple moderate-severity Cross-site Scripting (XSS) vulnerabilities have been addressed in Synology Router Manager (SRM) software, affecting functionality such as File Station, Network Center, and WiFi Connect settings. These vulnerabilities, exploitable primarily by authenticated users with administrator privileges, allow injection of malicious web script or HTML, potentially leading to theft of sensitive information, manipulation of user sessions, or defacement of the system.

  • CVE-2024-53279: XSS vulnerability in File Station (CVSS score 5.9) that allows injection of arbitrary web script or HTML.
  • CVE-2024-53280: XSS vulnerability in Policy Route in Network Center (CVSS score 5.9) that allows injection of arbitrary web script or HTML.
  • CVE-2024-53281: XSS vulnerability in Wake-on-LAN (WOL) functionality (CVSS score 5.9) that allows injection of arbitrary web script or HTML.
  • CVE-2024-53282: XSS vulnerability in WiFi Connect MAC Filter (CVSS score 5.9) that allows injection of arbitrary web script or HTML.
  • CVE-2024-53283: XSS vulnerability in Router Port Forwarding (CVSS score 5.9) that allows injection of arbitrary web script or HTML.
  • CVE-2024-53284: XSS vulnerability in WiFi Connect Settings (CVSS score 5.9) that allows injection of arbitrary web script or HTML.
  • CVE-2024-53285: XSS vulnerability in DDNS Record functionality (CVSS score 5.9) that allows injection of arbitrary web script or HTML.

Users should update Synology Router Manager (SRM) to the latest version to address the identified vulnerabilities. This mitigates the risk of malicious script injection and protects against potential data theft or system manipulation.

RECOMMENDATION:

  • We strongly recommend you update Synology Router Manager (SRM) to version 1.3.1-9346-10 or above.

REFERENCES:

The following reports contain further technical details:
https://cybersecuritynews.com/synology-router-vulnerabilities/
