CVE-2024-53280
CVSS 3.1 Score 5.9 of 10 (medium)
Details
Summary
CVE-2024-53280 is a Cross-Site Scripting (XSS) vulnerability affecting Synology Router Manager (SRM) before version 1.3.1-9346-10. This issue allows remote authenticated users with administrator privileges to inject arbitrary web scripts or HTML into the network center policy route functionality. By exploiting this vulnerability, an attacker can manipulate the web page, potentially stealing sensitive information or gaining unauthorized access. This can pose a significant risk to organizations using the affected SRM version. It is recommended that users upgrade to the latest version to mitigate this threat.
Affected Products
- Router Manager