CVE-2020-27649

Summary

Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Affected Software

VendorProductVersion RangeStatus
SynologySynology Router Manager (SRM)unspecified < 1.2.4-8081affected

Weaknesses

  • CWE-295: CWE-295: Improper Certificate Validation

ADP Enrichment

CVE Program Container

Additional References

References