Synology: 4 Security Advisories Concerning NAS App

Synology, Inc. had published 4 security advisories concerning its NAS OS applications.

SA-22:11 Storage Analyzer
Publish time: 2022-08-03 10:21:30 UTC+8
Last updated: 2022-08-03 10:21:30 UTC+8
Severity : Moderate
Status : Resolved

Abstract
A vulnerability allows remote authenticated users to delete arbitrary files via a susceptible version of Storage Analyzer.

Affected products

Mitigation : None

Detail

• CVE-2022-27618

  • Severity: moderate

  • CVSS3 Base Score: 6.8

  • CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N

  • Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in webapi component in Synology Storage Analyzer before 2.1.0-0390 allows remote authenticated users to delete arbitrary files via unspecified vectors.

Acknowledgement
Qian Chen (@cq674350529) from Codesafe Team of Legendsec at Qi’anxin Group

Revision

SA-22:12 Synology Note Station Client
Publish time: 2022-08-03 10:44:45 UTC+8
Last updated: 2022-08-03 10:44:45 UTC+8
Severity : Moderate
Status : Resolved

Abstract
A vulnerability allows man-in-the-middle attackers to obtain sensitive information via a susceptible version of Synology Note Station Client.

Affected Products

Mitigation : None

Detail

• CVE-2022-27619

  • Severity: Moderate

  • CVSS3 Base Score: 6.8

  • CVSS3 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

  • Cleartext transmission of sensitive information vulnerability in authentication management in Synology Note Station Client before 2.2.2-609 allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors.

Acknowledgement
Qian Chen (@cq674350529) from Codesafe Team of Legendsec at Qi’anxin Group

Revision

SA-22:13 SSO Server
Publish time: 2022-08-03 11:15:26 UTC+8
Last updated: 2022-08-03 11:15:26 UTC+8
Severity : Moderate
Status : Ongoing

Abstract
A vulnerability allows remote authenticated users to read arbitrary files via a susceptible version of SSO Server.

Affected products

Mitigation : None

Detail

• CVE-2022-27620

  • Severity: Moderate

  • CVSS3 Base Score: 6.8

  • CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

  • Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in webapi component in Synology SSO Server before 2.2.3-0331 allows remote authenticated users to read arbitrary files via unspecified vectors.

Acknowledgement
Qian Chen (@cq674350529) from Codesafe Team of Legendsec at Qi’anxin Group

Revision

SA-22:14 USB Copy
Publish time: 2022-08-03 11:21:59 UTC+8
Last updated: 2022-08-03 14:13:44 UTC+8
Severity : Moderate
Status : Resolved

Abstract
A vulnerability allows remote authenticated users to read or write arbitrary files via a susceptible version of USB Copy.

Affected products

Mitigation : None

Detail

• CVE-2022-27621

  • Severity: Moderate

  • CVSS3 Base Score: 5.5

  • CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

  • Improper limitation of a pathname to a restricted directory (‘Path Traversal’) vulnerability in webapi component in Synology USB Copy before 2.2.0-1086 allows remote authenticated users to read or write arbitrary files via unspecified vectors.

Acknowledgement
Qian Chen (@cq674350529) from Codesafe Team of Legendsec at Qi’anxin Group

Revision