CNNVD-202512-574 Information

CNNVD ID

CNNVD-202512-574

Related CVE

CVE-2025-29843

• CNNVD Published: 2025-12-04

Description (Chinese)

Synology Router Manager（SRM）是中国群晖（Synology）公司的一款用于配置和管理Synology路由器的软件。 Synology Router Manager存在路径遍历漏洞，该漏洞源于 FileStation thumb cgi允许远程认证用户可读写图像文件。

Description (English)

Synology Router Manager (SRM) is a software set up by Synology China to configure and manage Synology routers. Synology Router Manager has a loophole in its path, which stems from the fact that FileStation thumbmb cgi allows remote authentication of user-readable and writing image files.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

群晖

Published

2025-12-04

Last Modified

2026-02-24

References

https://www.synology.com/en-global/security/advisory/Synology_SA_25_04 https://access.redhat.com/security/cve/cve-2025-29843

Patch

https://www.synology.com/en-global/security/advisory/Synology_SA_25_04