CVE-2018-8918

Summary

Cross-site scripting (XSS) vulnerability in info.cgi in Synology Router Manager (SRM) before 1.1.7-6941 allows remote attackers to inject arbitrary web script or HTML via the host parameter.

Affected Software

VendorProductVersion RangeStatus
SynologySynology Router Manager (SRM)unspecified < 1.1.7-6941affected

Weaknesses

  • CWE-79: Cross-site Scripting (CWE-79)

ADP Enrichment

CVE Program Container

Additional References

References