Synology DiskStation Manager Vulnerability Allow Remote Attackers to Execute Arbitrary Commands

A serious flaw in DiskStation Manager lets hackers from outside the network run any command they want This article explores telnet service vulnerability. . The CVSSv3 base score for this vulnerability is 9.8, which is very close to the highest possible score.

This means it is a critical threat. To fix the problem, Synology has put out firmware updates for the operating systems that were most affected. Synology says that the risk of remote exploitation is completely gone if you turn off the TelNET service, since the vulnerability only works with the Telnet protocol. If you're an administrator in charge of systems that need a patch, like DSMUC 3.1, the company strongly suggests that you apply a temporary fix right away.

The company has also put out a very important security patch for the DSMUC3.1 operating system, which is still being worked on.

This specific GNU Inetutils vulnerability doesn't affect other enterprise products like BeeStation OS 1.4, SRM 1.3, and VS600HD 1.2 at all. The security flaw is a classic buffer overflow (CWE-120). The LINEMODE SLC (Set Local Characters) suboption handler doesn't handle inputs correctly during an active network session because the add_slc function doesn't check to see if the buffer is already full.

A threat actor can use this memory corruption to get around authentication and run harmful commands directly on the host system. Telnet sends data in plain text and is widely seen as an old protocol, so turning it off for good is in line with modern cybersecurity best practices.