![]() The vulnerability is described as an out-of-bounds write vulnerability in Remote Desktop Functionality in Synology VPN Plus Server before 1.4.3-0534 and 1.4.4-0635 which allows remote attackers to execute arbitrary commands via unspecified vectors. ![]() The vulnerability in VPN Plus Server got listed as CVE-2022-43931. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). The Common Vulnerabilities and Exposures (CVE) database is a list of publicly disclosed computer security flaws. The Synology VPN Plus Server is a business VPN that allows users to easily access and control client desktops within a network under a Synology Router, from anywhere, as long as they have Internet access, without further need of a client software. Business VPNs create a tunnel between a user and the organization they work for, so they can access business information securely over the Internet. Consumer VPNs create a secure tunnel between a user and their VPN provider, so they can hide their browsing habits from their ISP and use their VPN provider's IP address to connect to the Internet. VPN Plus Server allows users to turn their Synology Router into a Virtual Rrivate Network (VPN) server.Ī VPN uses encryption to create a secure connection over a public network, such as the Internet. Synology has issued an advisory about a vulnerability that allows remote attackers to execute arbitrary commands through a susceptible version of Synology VPN Plus Server.
0 Comments
Leave a Reply. |