CVE-2024-39348

Summary

Download of code without integrity check vulnerability in AirPrint functionality in Synology Router Manager (SRM) before 1.2.5-8227-11 and 1.3.1-9346-8 allows man-in-the-middle attackers to execute arbitrary code via unspecified vectors.

Affected Software

VendorProductVersion RangeStatus
SynologySynology Router Manager (SRM)1.3 < 1.3.1-9346-8affected
SynologySynology Router Manager (SRM)1.2 < 1.2.5-8227-11affected
SynologySynology Router Manager (SRM)0 < 1.2unknown

Weaknesses

  • CWE-494: CWE-494: Download of Code Without Integrity Check

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References