CVE-2018-13283
8.8
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Lack of administrator control over security vulnerability in client.cgi in Synology SSL VPN Client before 1.2.5-0226 allows remote attackers to conduct man-in-the-middle attacks via the (1) command, (2) hostname, or (3) port parameter.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Synology | SSL VPN Client | unspecified < 1.2.5-0226 | affected |
Weaknesses
- CWE-671: Lack of Administrator Control over Security (CWE-671)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.