CNNVD-202508-3592 Information

CNNVD ID

CNNVD-202508-3592

Related CVE

CVE-2024-13987

• CNNVD Published: 2025-08-29

Description (Chinese)

Synology RADIUS Server是中国群晖（Synology）公司的一个网络通信服务器。 Synology RADIUS Server 3.0.27-0139之前版本存在跨站脚本漏洞，该漏洞源于输入中和不当，可能导致跨站脚本攻击。

Description (English)

Synology RADIUS Server is a web-based communications server for Synology. Synology RADIUS Server 3.0.27-0139 had a cross-site script loophole, which originated in inappropriate input and could lead to cross-site script attacks.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

群晖

Published

2025-08-29

Last Modified

2026-02-24

References

https://www.synology.com/en-global/security/advisory/Synology_SA_25_10 https://vigilance.fr/vulnerability/Synology-RADIUS-Server-read-write-access-dated-01-09-2025-48103 https://access.redhat.com/security/cve/cve-2024-13987 https://nvd.nist.gov/vuln/detail/CVE-2024-13987