OpenCVE

Out-of-bounds write vulnerability in Remote Desktop Functionality in Synology VPN Plus Server before 1.4.3-0534 and 1.4.4-0635 allows remote attackers to execute arbitrary commands via unspecified vectors.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Synology	Router Manager Vpn Plus Server

Configuration 1 [-]

AND

cpe:2.3:a:synology:vpn_plus_server:*:*:*:*:*:*:*:*

cpe:2.3:o:synology:router_manager:1.2:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:a:synology:vpn_plus_server:*:*:*:*:*:*:*:*

cpe:2.3:o:synology:router_manager:1.3:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.synology.com/en-global/security/advisory/Synology_SA_22_26

History

No history.

MITRE

Status: PUBLISHED

Assigner: synology

Published: 2023-01-03T03:11:03.979Z

Updated: 2024-08-03T13:40:06.582Z

Reserved: 2022-10-26T17:55:30.258Z

Link: CVE-2022-43931

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-01-03T04:15:09.470

Modified: 2024-11-21T07:27:22.750

Link: CVE-2022-43931

Redhat

No data.

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:synology:vpn_plus_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B9447F9-2136-4373-874A-EB22975E05A8", "versionEndExcluding": "1.4.3-0534", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:synology:router_manager:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "43088D16-C9DE-4562-A935-F0A056FAC94F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:synology:vpn_plus_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "466C2C1F-6D2D-45F8-AA1D-B9A15B5A8DDE", "versionEndExcluding": "1.4.4-0635", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:synology:router_manager:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "69719ACD-229C-4685-BADB-52FB55671BD9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Out-of-bounds write vulnerability in Remote Desktop Functionality in Synology VPN Plus Server before 1.4.3-0534 and 1.4.4-0635 allows remote attackers to execute arbitrary commands via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad de escritura fuera de los l\u00edmites en la funcionalidad de escritorio remoto en Synology VPN Plus Server anterior a 1.4.3-0534 y 1.4.4-0635 permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de vectores no especificados."}], "id": "CVE-2022-43931", "lastModified": "2024-11-21T07:27:22.750", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "security@synology.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-01-03T04:15:09.470", "references": [{"source": "security@synology.com", "tags": ["Vendor Advisory"], "url": "https://www.synology.com/en-global/security/advisory/Synology_SA_22_26"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.synology.com/en-global/security/advisory/Synology_SA_22_26"}], "sourceIdentifier": "security@synology.com", "vulnStatus": "Modified"}