Synology, a leading provider of network-attached storage and networking solutions, has recently patched multiple vulnerabilities in its Router Manager (SRM) software.
These security flaws, classified as moderate in severity, could allow attackers to inject arbitrary web scripts or HTML into affected devices.
The vulnerabilities, identified as CVE-2024-53279 through CVE-2024-53285, affect Synology Router Manager (SRM) versions prior to 1.3.1-9346-10.
These flaws stem from improper neutralization of input during web page generation, commonly known as Cross-site Scripting (XSS) vulnerabilities.
Affected Functionalities:
- File station
- Network center policy route
- Network WOL
- WiFi Connect MAC Filter
- Router Port Forward
- WiFi Connect Setting
- DDNS Record
Synology analysts identified that each vulnerability has been assigned a CVSS3 Base Score of 5.9, indicating a moderate severity level.
Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar
Vulnerabilities
CVE-2024-53279
- Feature: File Station
- Issue: XSS vulnerability
- Impact: Allows arbitrary web script/HTML injection.
CVE-2024-53280
- Feature: Policy Route (Network Center)
- Issue: XSS vulnerability
- Impact: Allows arbitrary web script/HTML injection.
CVE-2024-53281
- Feature: Wake-on-LAN (WOL)
- Issue: XSS vulnerability
- Impact: Allows arbitrary web script/HTML injection.
CVE-2024-53282
- Feature: WiFi Connect MAC Filter
- Issue: XSS vulnerability
- Impact: Allows arbitrary web script/HTML injection.
CVE-2024-53283
- Feature: Router Port Forwarding
- Issue: XSS vulnerability
- Impact: Allows arbitrary web script/HTML injection.
CVE-2024-53284
- Feature: WiFi Connect Settings
- Issue: XSS vulnerability
- Impact: Allows arbitrary web script/HTML injection.
CVE-2024-53285
- Feature: DDNS Record
- Issue: XSS vulnerability
- Impact: Allows arbitrary web script/HTML injection.
The vulnerabilities primarily affect remote authenticated users, with most requiring administrator privileges to exploit. Successful exploitation could allow attackers to inject malicious web scripts or HTML code, potentially leading to:-
- Theft of sensitive information
- Manipulation of user sessions
- Defacement of the router’s web interface
- Potential execution of arbitrary commands on the affected device
Synology has addressed these vulnerabilities in the latest release of SRM. Users are strongly advised to upgrade their Synology Router Manager to version 1.3.1-9346-10 or above to mitigate the risk.
This is not the first time Synology routers have faced security challenges. In late 2022, the company patched several critical vulnerabilities, including flaws that were likely exploited at the Pwn2Own hacking contest.
These past incidents highlight the ongoing importance of router security and the need for regular updates.
While these vulnerabilities require authentication and, in most cases, administrator privileges, they still pose a significant risk if exploited by malicious actors who gain access to the router’s management interface.
Synology’s swift response in patching these vulnerabilities demonstrates the company’s commitment to user security.
Analyse Real-World Malware & Phishing Attacks With ANY.RUN - Get up to 3 Free Licenses