CVE-2020-27656

Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors.

Link	Resource
https://www.synology.com/security/advisory/Synology_SA_20_18	Vendor Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1071	Exploit Third Party Advisory

Configuration 1

cpe:2.3:a:synology:diskstation_manager:*:*:*:*:*:*:*:*

---

Published : 2020-10-29 09:15

Updated : 2020-11-03 09:02

---

NVD link : CVE-2020-27656

Mitre link : CVE-2020-27656

No products.

CWE-319

Cleartext Transmission of Sensitive Information