Synology finally patches major vulnerability in its VPN router
Synology has patched a vulnerability in its router software to which it has assigned the maximum severity rating of 10/10.
According to an advisory recently published by the NAS manufacturer, the vulnerability affects its VPN Plus Server software and is tracked as CVE-2022-43931. The software lets a Synology router act as a VPN server, giving remote users access to endpoints behind that router.
The flaw can reportedly be exploited in low-complexity attacks that require neither privileges nor user interaction, which is what puts it at the top of the severity scale.
What Synology's advisory says
“A vulnerability allows remote attackers to execute arbitrary commands through a susceptible version of Synology VPN Plus Server,” the advisory says. “Out-of-bounds write vulnerability in remote desktop functionality in Synology VPN Plus Server before 1.4.3-0534 and 1.4.4-0635 allows remote attackers to execute arbitrary commands via unspecified vectors.”
As BleepingComputer explains, out-of-bounds write vulnerabilities can corrupt data or memory, crash the system, and in the worst case lead to code execution.
This is not the first time Synology has had to deal with high-severity flaws in its products. In December last year, the company patched several vulnerabilities in Synology Router Manager (SRM).
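The only concrete, checkable facts the advisory gives are the two fixed builds, 1.4.3-0534 and 1.4.4-0635, with everything "before" them vulnerable. The following is an added example (not Synology's code or tooling) that turns that wording into an inventory check: it parses VPN Plus Server version strings of the form major.minor.patch-build and decides, per release line, whether a build is at or above its fixed build. Two things in it are assumptions rather than statements from the advisory: that a release line newer than 1.4.4 already ships with the fix, and that any line older than 1.4.3 has no fixed build at all. The sample version list at the bottom is constructed for illustration.

```python
"""Triage Synology VPN Plus Server versions against the CVE-2022-43931 fix.

Added example, not Synology's own code. It relies only on the two fixed builds
quoted in the advisory (1.4.3-0534 and 1.4.4-0635). How lines other than 1.4.3
and 1.4.4 are handled is an assumption, flagged in the comments below.
"""
import re
from typing import Dict, Iterable, Tuple

# Fixed builds named in the advisory, keyed by the 1.4.x release line.
FIXED_BUILDS = {
    (1, 4, 3): 534,
    (1, 4, 4): 635,
}

# Accept only the exact "major.minor.patch-build" shape the advisory uses.
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)-(\d+)$")


def parse_version(text: str) -> Tuple[Tuple[int, int, int], int]:
    """Split '1.4.3-0534' into ((1, 4, 3), 534).

    Raises ValueError for anything else so that a malformed or truncated
    version string is never silently treated as patched.
    """
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised VPN Plus version string: {text!r}")
    major, minor, patch, build = (int(x) for x in m.groups())
    return (major, minor, patch), build


def is_vulnerable(text: str) -> bool:
    """True if the version is below the fixed build for its release line."""
    line, build = parse_version(text)
    if line in FIXED_BUILDS:
        # Same release line as a fixed build: the build number decides.
        return build < FIXED_BUILDS[line]
    # Assumption: lines older than 1.4.3 never received a fix (vulnerable),
    # lines newer than 1.4.4 were released after the fix (patched).
    return line < min(FIXED_BUILDS)


def triage(versions: Iterable[str]) -> Dict[str, str]:
    """Map each version string to 'vulnerable', 'patched' or 'unparseable'."""
    verdicts: Dict[str, str] = {}
    for v in versions:
        try:
            verdicts[v] = "vulnerable" if is_vulnerable(v) else "patched"
        except ValueError:
            verdicts[v] = "unparseable"
    return verdicts


if __name__ == "__main__":
    # Constructed sample inventory, not data from real devices.
    sample = ["1.4.3-0530", "1.4.3-0534", "1.4.4-0600", "1.4.4-0635",
              "1.4.2-0415", "1.4.5-0001", "1.4.4-0635-beta"]
    for version, verdict in triage(sample).items():
        print(f"{version:16} {verdict}")
```

Note that an unparseable string is reported as such rather than folded into either bucket; when this kind of check runs over exported device inventories, the rows that fail to parse are usually the ones worth a manual look.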
What Synology said at the time
“Multiple vulnerabilities allow remote attackers to execute arbitrary commands, conduct a denial-of-service attack, or read arbitrary files via a vulnerable version of Synology Router Manager (SRM),” the company said at the time.
No CVE identifiers were published for those flaws, but we know that at least two security researchers and teams succeeded in building proof-of-concept exploits against a Synology RT6600ax router during the Pwn2Own Toronto hacking contest.
Security researcher Gaurav Baruah was awarded $20,000 for a command injection attack against the WAN interface of a Synology RT6600ax.
Synology patched several bugs affecting many products last year
In April last year, the company announced it had patched several flaws affecting many products: “Multiple vulnerabilities allow remote attackers to obtain sensitive information and possibly execute arbitrary code via a susceptible version of Synology DiskStation Manager (DSM) and Synology Router Manager (SRM),” the company said in an advisory at the time.