Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM) before 6.2-23739 allows man-in-the-middle attackers to compromise non-HTTPS sessions via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
使用不充分的随机数
Vulnerability Title
Synology DiskStation Manager 安全漏洞
Vulnerability Description
Synology DiskStation Manager(DSM)是群晖科技(Synology)公司的一套用于网络储存服务器(NAS)上的操作系统。该操作系统可管理资料、文件、照片、音乐等信息。 Synology DSM 6.2-23739之前版本中的SYNO.Encryption.GenRandomKey存在安全漏洞,该漏洞源于程序使用了不安全的随机值。攻击者可利用该漏洞实施中间人攻击,控制非HTTPS的会话。
CVSS Information
N/A
Vulnerability Type
N/A