CVE-2020-27653

High

Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to…

synology·CWE-327·Published 2020-10-29

CVSS

8.3

EPSS

0.01

KEV

Exploits

cve.orgen

210 chars

Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.

NVDen

210 chars

NVDes

273 chars

Una vulnerabilidad de degradación del algoritmo en QuickConnect en Synology Router Manager (SRM) versiones anteriores a 1.2.4-8081, permite a atacantes de tipo man-in-the-middle falsificar servidores y obtener información confidencial por medio de vectores no especificados

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.1	4.9	6.4	AV:N/AC:H/Au:N/C:P/I:P/A:P
3.1	Primary	cve.org	8.3	—	—	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H