The critical vulnerability affects SRM 1.2, and upgrading to 1.2-7742-5 or later should resolve the vulnerability. The company has still released the security warning Synology-SA-18:65 SRM (thanks to for the hint).Ī vulnerability allows remote attackers to execute arbitrary code via a susceptible version of Synology Router Manager (SRM).Ī vulnerability allows remote attackers to execute arbitrary code through a vulnerable version of Synology Router Manager (SRM). I had already reported about the older Magellan vulnerability in December 2018 in the blog post Magellan: Security Advisory Synology-SA-18:61. Hey, I tried updating from 11.3RC2 to 11.3. Press question mark to learn the rest of the keyboard shortcuts.
#FREENAS UPDATE NETATALK NOT PRESENT SOFTWARE#
If the auto-update is active on the devices, the devices or the software should be updated automatically. Auto update via GUI does only bring me to RC Press J to jump to the feed. The upgrades will all be available, according to a message from a Synology spokesman to German site. There is also another vulnerability for which the vendor has issued the Synology-SA-18:64 DSM security alert. Vulnerability in Synology Diskstation Manager (DSM) Anyone using Netatalk on other devices (QNAP, FreeNAS, Linux) should also take care of the issue there and clarify whether an update is necessary/available. The above article refers only to Synology's security alerts.
The Netatalk software is a free software suite that provides components of the AppleTalk protocol family under POSIX-compatible operating systems. In addition, remote exploitation is only possible if the device and its login interface are accessible via the Internet. Notes: This vulnerability only takes effect, if the Apple AFP (Netatalk) protocol is used on devices. The following Synology products are affected. The vulnerability allows remote attackers to execute arbitrary code through a vulnerable version of Synology Diskstation Manager (DSM) and Synology Router Manager (SRM). This version fixes many bugs from previous 8.x versions and several features mentioned in this Guide were not available or did not.
Synology released this security warning ( Synology_SA_18_62) about a vulnerability in Netatalk software.
0 kommentar(er)
