CVE-2023-41740
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Published Aug 31, 2023
Updated: Nov 7, 2023
Summary
CVE-2023-41740 is a path traversal vulnerability affecting the cgi component in Synology Router Manager (SRM) prior to version 1.3.1-9346-6. This issue permits remote attackers to access specific files by improperly limiting the pathname to a restricted directory. The precise vectors of attack are yet to be determined. Successful exploitation could lead to the disclosure of sensitive information. It is strongly advised that users update their Synology Router Manager software to the latest version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Synology Router Manager
Affected Vendors
- Synology