Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Multicast DNS (mDNS) responder in Synology DiskStation Manager (DSM) before 3.1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets to the Avahi component.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Synology DiskStation Manager Multicast DNS 信息泄露漏洞
Vulnerability Description
Synology DiskStation Manager(DSM)是群晖科技(Synology)公司的一套用于网络储存服务器(NAS)上的操作系统。该操作系统可管理资料、文件、照片、音乐等信息。 Synology DSM 3.0及之前版本的Multicast DNS(mDNS)响应器中存在安全漏洞,该漏洞源于程序没有正确响应带有特制的源地址(不是本地链接)的单播查询。远程攻击者可通过向Avahi组件发送port-5353 UDP数据包利用该漏洞造成拒绝服务(流量扩增),或获取潜在的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A