CVE-2017-12078

Summary

Command injection vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931 allows remote authenticated users to execute arbitrary command via the username parameter.

Affected Software

VendorProductVersion RangeStatus
SynologySynology Router Manager (SRM)unspecified < 1.1.6-6931affected

Weaknesses

  • CWE-77: Improper Neutralization of Special Elements used in a Command (CWE-77)

ADP Enrichment

CVE Program Container

Additional References

References