Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: synology

Published: 2020-10-29T09:00:25.133928Z

Updated: 2024-09-16T20:27:27.929Z

Reserved: 2020-10-22T00:00:00

Link: CVE-2020-27648

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2020-10-29T09:15:12.573

Modified: 2020-11-09T14:59:46.727

Link: CVE-2020-27648

cve-icon Redhat

No data.